This repository has been archived by the owner on Jun 27, 2023. It is now read-only.

cookies and SOP #160

Open

bblfish opened this issue Sep 25, 2015 · 1 comment

Labels

documentation security testing

Milestone

Initial Server De...

Member

bblfish commented Sep 25, 2015

Check that the setting of cookies follow same origin policies correctly
following discussion on WebAppSec mailing list, and summarized A view on SOP Wiki.

bblfish added this to the Initial Server Deployment milestone

Member Author

bblfish commented Feb 20, 2016

Sessions Cookies are encrypted in Play.

The issue here may be to make sure the cookies don't leak out of https, or even the origin domain.

bblfish added documentation security testing labels

Sign up for free to subscribe to this conversation on GitHub. Already have an account? Sign in.