stable
Clone or download
Read-only
Can not login on HTTP only instances or instances with an empty sys_https_host setting
The cookie prefix protection should not be set if it is not certain that the Tuleap instance can be accessed over HTTPS. This is part of request #10979: Implement Same-Site cookie and cookie prefixes protections Change-Id: Ia74ca79c4d8744925a5030a7933c0812e1725637
Modified Files
Name | ||||
---|---|---|---|---|
M | src/common/include/CookieManager.class.php | +7 | −4 | Go to diff View file |
M | tests/simpletest/common/include/CookieManagerTest.php | +14 | −1 | Go to diff View file |