Uploaded image for project: 'Jenkins'
  1. Jenkins
  2. JENKINS-27277

ACEGI_SECURITY_HASHED_REMEMBER_ME_COOKIE cookie no HttpOnly flag

XMLWordPrintable

    • Icon: Bug Bug
    • Resolution: Fixed
    • Icon: Minor Minor
    • core
    • None

      Jenkins' remember me cookie (ACEGI_SECURITY_HASHED_REMEMBER_ME_COOKIE) is set without the HttpOnly flag.

      Both the JSESSIONID and the ACEGI_SECURITY_HASHED_REMEMBER_ME_COOKIE cookies can be used interchangeably to access the application.

            kohsuke Kohsuke Kawaguchi
            _ikki Luca Carettoni
            Votes:
            0 Vote for this issue
            Watchers:
            4 Start watching this issue

              Created:
              Updated:
              Resolved: