Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Already on GitHub? Sign in to your account

Allow secure cookie #205

2 commits merged into from Apr 30, 2011


None yet
3 participants

malclocke commented Nov 4, 2010

In response to the recent interest in session hijacking attacks, this change allows the cookie to have the secure flag, and therefore only ever be sent over SSL connections.


malclocke commented Nov 10, 2010

Closing this an re-opening a new pull with an extra config flag

This isn't closed yet. Add your votes to https://github.com/binarylogic/authlogic/issues/issue/210

@ghost ghost pushed a commit that referenced this pull request Apr 30, 2011

@binarylogic binarylogic Merge pull request #205 from malclocke/allow_secure_cookie.
Allow secure cookie

@ghost ghost merged commit cfd65d6 into binarylogic:master Apr 30, 2011

This issue was closed.

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment