[security-dev] Fwd: [JIRA] Resolved: (JAX_RS_SPEC-346) NewCookie needs HttpOnly
Fixed in JAx-rs 2.0
-------- Original Message --------
Subject: [JIRA] Resolved: (JAX_RS_SPEC-346) NewCookie needs HttpOnly
Date: Mon, 4 Feb 2013 20:24:53 +0000 (GMT+00:00)
From: Marek Potociar (JIRA) <jira-no-reply(a)java.net>
To: patriot1burke(a)java.net
[
http://java.net/jira/browse/JAX_RS_SPEC-346?page=com.atlassian.jira.plugi...
]
Marek Potociar resolved JAX_RS_SPEC-346.
----------------------------------------
Resolution: Fixed
Fixed on the master branch. Added {{HttpOnly}}-aware constructors and
{{isHttpOnly()}} getter to {{NewCookie}}.
NewCookie needs HttpOnly
------------------------
Key: JAX_RS_SPEC-346
URL: http://java.net/jira/browse/JAX_RS_SPEC-346
Project: jax-rs-spec
Issue Type: New Feature
Components: runtime
Affects Versions: 1.1
Reporter: patriot1burke
Assignee: Marek Potociar
Fix For: 2.0-pfd, 2.0
This is needed to plug up certain security holes
--
This message is automatically generated by JIRA.
-
If you think it was sent incorrectly contact one of the administrators:
http://java.net/jira/secure/Administrators.jspa
-
For more information on JIRA, see: http://www.atlassian.com/software/jira
--
Bill Burke
JBoss, a division of Red Hat
http://bill.burkecentral.com