6.0.0-beta1
11/7/25

[#7903] Insecure Cookies Sanitization Over HTTPS
Summary Insecure Cookies Sanitization Over HTTPS
Queue Horde Base
Queue Version 3.3.3
Type Bug
State No Feedback
Priority 2. Medium
Owners
Requester adi.zerok (at) gmail (dot) com
Created 01/27/2009 (6128 days ago)
Due 01/27/2009 (6128 days ago)
Updated 02/09/2009 (6115 days ago)
Assigned 01/27/2009 (6128 days ago)
Resolved 02/09/2009 (6115 days ago)
Github Issue Link
Github Pull Request
Milestone
Patch No

History
02/09/2009 02:25:11 PM Jan Schneider State ⇒ No Feedback
 
01/27/2009 06:53:37 PM Chuck Hagenbuch Comment #3
State ⇒ Feedback		 Reply to this comment
I'm sorry, I don't understand whether you're reporting a problem or 
asking a question or reporting a fix. Can you try again?
01/27/2009 04:51:56 PM adi (dot) zerok (at) gmail (dot) com Comment #2 Reply to this comment
An issue is required to be fixed fixed that allowed the cookies of a 
session started

over SSL (https) to be transmitted over HTTP as well. This is known as 
setting the "secure" flag of the cookie.




01/27/2009 04:49:34 PM adi (dot) zerok (at) gmail (dot) com Comment #1
Priority ⇒ 2. Medium
Patch ⇒ No
Milestone ⇒
Queue ⇒ Horde Base
Due ⇒ 01/27/2009
Summary ⇒ Insecure Cookies Sanitization Over HTTPS
Type ⇒ Bug
State ⇒ Unconfirmed		 Reply to this comment
An issue was fixed that allowed the cookies of a session started

over SSL (https) to be transmitted over HTTP as well.

This is known as setting the "secure" flag of the cookie.




New Ticket
My Tickets
Search
Query Builder
Reports

Saved Queries

Open Bugs
Bugs waiting for Feedback
Open Bugs in Releases
Open Enhancements
Enhancements waiting for Feedback
Bugs with Patches
Enhancements with Patches
Release Showstoppers
Stalled Tickets
New Tickets
Horde 5 Showstoppers