[ https://issues.apache.org/jira/browse/HADOOP-10379?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel ]
Haohui Mai updated HADOOP-10379: -------------------------------- Attachment: HADOOP-10379.000.patch > Protect authentication cookies with the HttpOnly and Secure flags > ----------------------------------------------------------------- > > Key: HADOOP-10379 > URL: https://issues.apache.org/jira/browse/HADOOP-10379 > Project: Hadoop Common > Issue Type: Improvement > Reporter: Haohui Mai > Assignee: Haohui Mai > Attachments: HADOOP-10379.000.patch > > > Browser vendors have adopted proposals to enhance the security of HTTP > cookies. For example, the server can mark a cookie as {{Secure}} so that it > will not be transfer via plain-text HTTP protocol, and the server can mark a > cookie as {{HttpOnly}} to prohibit the JavaScript to access that cookie. > This jira proposes to adopt these flags in Hadoop to protect the HTTP cookie > used for authentication purposes. -- This message was sent by Atlassian JIRA (v6.2#6252)