[security-dev] Fwd: [JIRA] Resolved: (JAX_RS_SPEC-346) NewCookie needs HttpOnly

Bill Burke bburke at redhat.com
Tue Feb 5 08:46:01 EST 2013

Fixed in JAx-rs 2.0

-------- Original Message --------
Subject: [JIRA] Resolved: (JAX_RS_SPEC-346) NewCookie needs HttpOnly
Date: Mon, 4 Feb 2013 20:24:53 +0000 (GMT+00:00)
From: Marek Potociar (JIRA) <jira-no-reply at java.net>
To: patriot1burke at java.net


Marek Potociar resolved JAX_RS_SPEC-346.

     Resolution: Fixed

Fixed on the master branch. Added {{HttpOnly}}-aware constructors and 
{{isHttpOnly()}} getter to {{NewCookie}}.

> NewCookie needs HttpOnly
> ------------------------
>                 Key: JAX_RS_SPEC-346
>                 URL: http://java.net/jira/browse/JAX_RS_SPEC-346
>             Project: jax-rs-spec
>          Issue Type: New Feature
>          Components: runtime
>    Affects Versions: 1.1
>            Reporter: patriot1burke
>            Assignee: Marek Potociar
>             Fix For: 2.0-pfd, 2.0
> This is needed to plug up certain security holes

This message is automatically generated by JIRA.
If you think it was sent incorrectly contact one of the administrators: 
For more information on JIRA, see: http://www.atlassian.com/software/jira

Bill Burke
JBoss, a division of Red Hat

More information about the security-dev mailing list