Welcome! Log In Create A New Profile

Advanced

Re: Help with securing "route" cookie

All files from this thread

File Name File Size   Posted by Date  
Snap156.gif 16 KB open | download Gerard Mattison 11/19/2016 Read message
Francis Daly
November 21, 2016 09:36AM
On Sat, Nov 19, 2016 at 01:08:24PM -0800, Gerard Mattison wrote:

Hi there,

> One of the issue I having is that when I ran a vulnerability assessment,
> the "route" cookie is coming up as not secure.

It looks like the cookie should be secure.

Is there any change that you used this browser to access this server;
then reconfigured the server to add the "secure" options and reloaded
the config; and then refreshed the page in the browser?

If so, that would explain it -- you have to arrange that the browser
removes the previous session cookie (for example, by closing the browser
or just by deleting the cookie). If the browser presents a cookie,
the server will not send a new one.

And it is only the new one that will be marked "Secure" or not.

Good luck with it,

f
--
Francis Daly francis@daoine.org

_______________________________________________
nginx mailing list
nginx@nginx.org
http://mailman.nginx.org/mailman/listinfo/nginx
Subject Author Posted

Help with securing "route" cookie Attachments

Gerard Mattison November 19, 2016 04:10PM

Re: Help with securing "route" cookie

Francis Daly November 21, 2016 09:36AM

Re: Help with securing "route" cookie

hheiko November 21, 2016 05:27PM

Re: Help with securing "route" cookie

itpp2012 November 22, 2016 10:46AM

Re: Help with securing "route" cookie

Francis Daly November 21, 2016 07:00PM

Re: Help with securing "route" cookie

itpp2012 November 22, 2016 01:45PM



Sorry, only registered users may post in this forum.

Click here to login

Online Users

Guests: 114
Record Number of Users: 8 on April 13, 2023
Record Number of Guests: 500 on July 15, 2024
Powered by nginx      Powered by FreeBSD      PHP Powered      Powered by MariaDB      ipv6 ready