Yann Rouillard reports:
Jenkins on Tomcat fails to set the httponly flag on cookies.
Created jenkins tracking bugs for this issue:
Affects: fedora-21 [bug 1185152]
Red Hat would like to thank Yann Rouillard for reporting this issue.
This issue affects the versions of Jenkins as shipped with Red Hat OpenShift Enterprise 2. Red Hat Product Security has rated this issue as having Low security impact. A future update may address this issue. For additional information, refer to the Issue Severity Classification: https://access.redhat.com/security/updates/classification/.