Uploaded image for project: 'OpenAM Agents'
  1. OpenAM Agents
  2. AMAGENTS-2936

JASPA - Enable HttpOnly cookies by default

    XMLWordPrintable

Details

    Description

      To improve our out-of-the-box security configuration, agents should enable HttpOnly cookies by default for fresh installs. Customers should still be able to disable this if they need to access the iPDP session cookie or am-auth-jwt from JavaScript.

      Attachments

        Issue Links

          Activity

            People

              tony.bamford Tony Bamford
              tony.bamford Tony Bamford
                edwardb edwardb
              Votes:
              0 Vote for this issue
              Watchers:
              4 Start watching this issue

              Dates

                Created:
                Updated:
                Resolved: