[
https://issues.apache.org/jira/browse/KNOX-3134?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=18004052#comment-18004052
]
ASF subversion and git services commented on KNOX-3134:
-------------------------------------------------------
Commit 06c3f8c4c28b63b060528272dc8e6c023598416d in knox's branch
refs/heads/dependabot/npm_and_yarn/knox-token-generation-ui/multi-635efc449e
from hanicz
[ https://gitbox.apache.org/repos/asf?p=knox.git;h=06c3f8c4c ]
KNOX-3134: Set Secure and HttpOnly attributes for pac4jCsrfToken Cookie (#1029)
* KNOX-3134: Set Secure and HttpOnly attributes for pac4jCsrfToken Cookie
* KNOX-3134: Pac4jProviderTest nullpointer fix
> pac4jCsrfToken cookie Secure and HttpOnly attributes are not set
> ----------------------------------------------------------------
>
> Key: KNOX-3134
> URL: https://issues.apache.org/jira/browse/KNOX-3134
> Project: Apache Knox
> Issue Type: Improvement
> Components: Server
> Affects Versions: 2.1.0
> Reporter: Tamás Hanicz
> Assignee: Tamás Hanicz
> Priority: Major
> Fix For: 2.1.0
>
> Time Spent: 40m
> Remaining Estimate: 0h
>
> pac4jCsrfToken cookie Secure and HttpOnly attributes are not set
>
> The fix is included in 5.1.5
> [https://www.pac4j.org/5.1.x/docs/release-notes.html]
> pac4j 5.x requires jdk11
> [https://www.pac4j.org/docs/alldocs.html]
>
> Custom solution is required to set the attributes.
--
This message was sent by Atlassian Jira
(v8.20.10#820010)
