Incorrect link/terminology on Deploying Horizon page
Bug #1431458 reported by
Travis McPeak
This bug affects 1 person
Affects | Status | Importance | Assigned to | Milestone | |
---|---|---|---|---|---|
OpenStack Dashboard (Horizon) |
Fix Released
|
Wishlist
|
Balaji Narayanan |
Bug Description
On this page: https:/
Preventing from cross-site scripting is done by another cookie setting, HttpOnly. The link in this text also refers to OWASP HttpOnly.
Ideally sensitive cookies like sessionid and csrf tokens will be protected by both settings. In any case these two cookie options should be mentioned separately as they are both important and serve different purposes.
no longer affects: | openstack-manuals |
Changed in horizon: | |
assignee: | nobody → Balaji Narayanan (lists-balajin) |
Changed in horizon: | |
importance: | Undecided → Wishlist |
tags: | added: low-hanging-fruit |
Changed in horizon: | |
milestone: | none → liberty-3 |
Changed in horizon: | |
status: | Fix Committed → Fix Released |
Changed in horizon: | |
milestone: | liberty-3 → 8.0.0 |
To post a comment you must log in.
https:/ /review. openstack. org/#/c/ 212326/ 1