Set the HttpOnly flag for the page auto-refresh tokens (#4363)
* set HttpOnly flag to prevent cookie read by a malicious script in browser
* Update core/src/main/java/hudson/Functions.java
Co-Authored-By: Wadeck Follonier <Wadeck@users.noreply.github.com>
Please register or sign in to comment