Bug 429495 - Add cookie_secure param to enforce sending cookies over secure connection
Add cookie_secure param to enforce sending cookies over secure connection
Status: CLOSED NEXTRELEASE
Product: Bugzilla
Classification: Community
Component: Bugzilla General (Show other bugs)
3.2
All Linux
low Severity low (vote)
: ---
: ---
Assigned To: PnT DevOps Devs
:
Depends On:
Blocks: RHBZ30UpgradeTracker 406231
  Show dependency treegraph
 
Reported: 2008-01-21 00:29 EST by David Lawrence
Modified: 2013-06-23 22:20 EDT (History)
0 users

See Also:
Fixed In Version:
Doc Type: Bug Fix
Doc Text:
Story Points: ---
Clone Of:
Environment:
Last Closed: 2008-02-21 17:23:32 EST
Type: ---
Regression: ---
Mount Type: ---
Documentation: ---
CRM:
Verified Versions:
Category: ---
oVirt Team: ---
RHEL 7.3 requirements from Atomic Host:
Cloudforms Team: ---


Attachments (Terms of Use)
Patch to add cookie_secure param to auth code (3.37 KB, patch)
2008-01-21 00:29 EST, David Lawrence
no flags Details | Diff

  None (edit)
Description David Lawrence 2008-01-21 00:29:57 EST
Add new param called cookie_secure to Auth code to enforce cookies only being
sent over secure (SSL) connection.

template/en/default/admin/params/auth.html.tmpl
Bugzilla/Config/Auth.pm
Bugzilla/Auth/Persist/Cookie.pm
Comment 1 David Lawrence 2008-01-21 00:29:57 EST
Created attachment 292326 [details]
Patch to add cookie_secure param to auth code
Comment 2 David Lawrence 2008-01-21 00:43:11 EST
https://bugzilla.mozilla.org/show_bug.cgi?id=381569
Comment 3 David Lawrence 2008-01-22 00:05:53 EST
Worked 2 hours on this patch.
Comment 4 David Lawrence 2008-02-21 17:23:32 EST
Instead of adding a new cookie_secure param, we went the route of enforcing
secure cookie whenever the 'ssl' param is set to either 'authenticated sessions'
or 'always' so this can be closed.

Note You need to log in before you can comment on or make changes to this bug.