[security-dev] Fwd: [JIRA] Resolved: (JAX_RS_SPEC-346) NewCookie needs HttpOnly
Anil Saldhana
Anil.Saldhana at redhat.com
Tue Feb 5 10:53:30 EST 2013
Bill, giant leap for secure Java REST services. :)
On 02/05/2013 07:46 AM, Bill Burke wrote:
> Fixed in JAx-rs 2.0
>
>
> -------- Original Message --------
> Subject: [JIRA] Resolved: (JAX_RS_SPEC-346) NewCookie needs HttpOnly
> Date: Mon, 4 Feb 2013 20:24:53 +0000 (GMT+00:00)
> From: Marek Potociar (JIRA) <jira-no-reply at java.net>
> To: patriot1burke at java.net
>
>
> [
> http://java.net/jira/browse/JAX_RS_SPEC-346?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel
> ]
>
> Marek Potociar resolved JAX_RS_SPEC-346.
> ----------------------------------------
>
> Resolution: Fixed
>
> Fixed on the master branch. Added {{HttpOnly}}-aware constructors and
> {{isHttpOnly()}} getter to {{NewCookie}}.
>
>> NewCookie needs HttpOnly
>> ------------------------
>>
>> Key: JAX_RS_SPEC-346
>> URL: http://java.net/jira/browse/JAX_RS_SPEC-346
>> Project: jax-rs-spec
>> Issue Type: New Feature
>> Components: runtime
>> Affects Versions: 1.1
>> Reporter: patriot1burke
>> Assignee: Marek Potociar
>> Fix For: 2.0-pfd, 2.0
>>
>>
>> This is needed to plug up certain security holes
More information about the security-dev
mailing list