Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Add __Host prefix to same site cookie #1412

Closed
LukasReschke opened this issue Sep 15, 2016 · 0 comments · Fixed by #2275
Closed

Add __Host prefix to same site cookie #1412

LukasReschke opened this issue Sep 15, 2016 · 0 comments · Fixed by #2275
Labels
enhancement security
Milestone
Nextcloud 11.0

Comments

@LukasReschke
Copy link
Member

No description provided.

@LukasReschke LukasReschke added enhancement 1. to develop Accepted and waiting to be taken care of security labels Sep 15, 2016
LukasReschke added a commit that referenced this issue Nov 23, 2016
@LukasReschke
Harden cookies more appropriate
a05b8b7 
This adds the __Host- prefix to the same-site cookies. This is a small but yet nice security hardening.

See https://googlechrome.github.io/samples/cookie-prefixes/ for the implications.

Fixes #1412

Signed-off-by: Lukas Reschke <lukas@statuscode.ch>
@LukasReschke LukasReschke mentioned this issue Nov 23, 2016
Merged
@MorrisJobke MorrisJobke added this to the Nextcloud 11.0 milestone Nov 23, 2016
@MorrisJobke MorrisJobke removed the 1. to develop Accepted and waiting to be taken care of label Feb 21, 2017
@nextcloud-bot nextcloud-bot mentioned this issue Nov 26, 2018
Closed
@dependabot-preview dependabot-preview bot mentioned this issue May 5, 2019
Merged
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees
No one assigned
Labels
enhancement security
Projects
None yet
Milestone
Nextcloud 11.0
Development

Successfully merging a pull request may close this issue.

Harden cookies more appropriate nextcloud/server
2 participants
@MorrisJobke @LukasReschke