Feature #6992

Make session cookie more secure

Added by Jesús García Crespo almost 8 years ago. Updated almost 8 years ago.

Status:VerifiedStart date:07/15/2014
Priority:MediumDue date:
Assignee:Dan Gillean% Done:

0%

Category:Security
Target version:Release 2.1.0
Google Code Legacy ID: Tested version:2.1
Sponsored:No Requires documentation:

Description

  • Use httpOnly
  • Use secure in https sites

History

#2 Updated by Jesús García Crespo almost 8 years ago

For testing:
  1. Open Chrome Dev Tools
  2. Click on Resources tab
  3. Expand cookies in the sidebar
  4. Check that "symfony" cookie is using the "httpOnly" flag
  5. Check that "symfony" cooki is using the "secure" flag (only available when you are using https://)

#3 Updated by Dan Gillean almost 8 years ago

  • Status changed from QA/Review to Verified

#4 Updated by Dan Gillean almost 8 years ago

  • Tested version 2.1 added

Also available in: Atom PDF