Overview
| Artifact ID: | ee6d285533571b251a79f6fea03cb2e3e327b044 |
|---|---|
| Ticket: | 2316d926e376aa56ab5fef97f12dc1690bb5b609
test_env visible when not logged in and no capabilities |
| User & Date: | ben 2011-06-27 21:08:27 |
Changes
- Appended to comment:
<hr /><i>ben added on 2011-06-27 21:08:27 UTC:</i><br /> Also outputting the cookie value in the response body is not recommended for web application security, and negates all the benefits of using the HttpOnly option when setting cookies.
- resolution changed to: "Open"