Commit 79c905e6 authored by Kohsuke Kawaguchi

[FIXED SECURITY-120]

If Jenkins URL is set to https, force the secure flag. Also force the
cookie to be HTTP only, which mitigates the damage that XSS can cause.

See https://www.owasp.org/index.php/SecureFlag
parent b1803a95
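
A check for the behaviour the commit message describes, added here as an example and not taken from the Jenkins code base: given the configured root URL and the `Set-Cookie` headers a server returned, it reports cookies lacking `HttpOnly`, and cookies lacking `Secure` when the URL is https. The function names, the sample headers and the `jenkins.example.test` host are constructed for illustration.

```python
from urllib.parse import urlsplit


def parse_set_cookie(header):
    """Split one Set-Cookie value into (cookie name, set of lower-cased attribute names)."""
    parts = [p.strip() for p in header.split(";")]
    name = parts[0].split("=", 1)[0].strip()
    # Attribute names are case-insensitive; attributes such as Path carry a value after "=".
    attrs = {p.split("=", 1)[0].strip().lower() for p in parts[1:] if p}
    return name, attrs


def audit_cookies(root_url, set_cookie_headers, only=None):
    """Return (cookie name, missing flag) findings.

    HttpOnly is always required; Secure is required only when root_url is https.
    `only` optionally restricts the check to the named cookies (e.g. the session cookie).
    """
    https = urlsplit(root_url).scheme.lower() == "https"
    findings = []
    for header in set_cookie_headers:
        name, attrs = parse_set_cookie(header)
        if only is not None and name not in only:
            continue
        if "httponly" not in attrs:
            findings.append((name, "HttpOnly"))
        if https and "secure" not in attrs:
            findings.append((name, "Secure"))
    return findings


# Constructed sample headers, not captured from a real server.
SAMPLE_HEADERS = [
    "JSESSIONID=abc123; Path=/; Secure; HttpOnly",
    "JSESSIONID=abc123; Path=/; httponly",
    "theme=dark; Path=/; Expires=Wed, 21 Oct 2026 07:28:00 GMT",
]

if __name__ == "__main__":
    for url in ("https://jenkins.example.test/", "http://jenkins.example.test/"):
        print(url, audit_cookies(url, SAMPLE_HEADERS))
```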