Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Switch zlux cookies from timed to untimed #132

Closed
NolanRogers opened this issue Apr 26, 2019 · 1 comment

Comments

@NolanRogers
Copy link

commented Apr 26, 2019

Right now zlux cookies are set to expire in one hour from their creation. The IBM security team has requested that we switch them from timed to untimed since they can sit on disk after their expiration and malware can potentially find interesting information from the cookie.

Acceptance Criteria:

Change session cookie in zlux to untimed
QA to ensure that no unexpected changes in behavior occur

@NolanRogers NolanRogers added this to the 1.3.0 milestone May 6, 2019

@1000TurquoisePogs

This comment has been minimized.

Copy link
Contributor

commented May 7, 2019

Tracking over here zowe/zlux-server-framework#81

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Projects
None yet
2 participants
You can’t perform that action at this time.