[security-dev] Fwd: [JIRA] Resolved: (JAX_RS_SPEC-346) NewCookie needs HttpOnly
Bill Burke
bburke at redhat.com
Tue Feb 5 08:46:01 EST 2013
Fixed in JAx-rs 2.0
-------- Original Message --------
Subject: [JIRA] Resolved: (JAX_RS_SPEC-346) NewCookie needs HttpOnly
Date: Mon, 4 Feb 2013 20:24:53 +0000 (GMT+00:00)
From: Marek Potociar (JIRA) <jira-no-reply at java.net>
To: patriot1burke at java.net
[
http://java.net/jira/browse/JAX_RS_SPEC-346?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel
]
Marek Potociar resolved JAX_RS_SPEC-346.
----------------------------------------
Resolution: Fixed
Fixed on the master branch. Added {{HttpOnly}}-aware constructors and
{{isHttpOnly()}} getter to {{NewCookie}}.
> NewCookie needs HttpOnly
> ------------------------
>
> Key: JAX_RS_SPEC-346
> URL: http://java.net/jira/browse/JAX_RS_SPEC-346
> Project: jax-rs-spec
> Issue Type: New Feature
> Components: runtime
> Affects Versions: 1.1
> Reporter: patriot1burke
> Assignee: Marek Potociar
> Fix For: 2.0-pfd, 2.0
>
>
> This is needed to plug up certain security holes
--
This message is automatically generated by JIRA.
-
If you think it was sent incorrectly contact one of the administrators:
http://java.net/jira/secure/Administrators.jspa
-
For more information on JIRA, see: http://www.atlassian.com/software/jira
--
Bill Burke
JBoss, a division of Red Hat
http://bill.burkecentral.com
More information about the security-dev
mailing list