#42 ✓resolved
Tom Macklin

HttpOnly cookie support

Reported by Tom Macklin | March 26th, 2009 @ 02:08 PM

Now that FF3 can support HttpOnly along w/ IE, HttpOnly cookie support makes sense as a security improvement (there's also a plugin for FF2.) Rails also uses this as default:


Comments and changes to this ticket

  • Scytrin dai Kinthra

    Scytrin dai Kinthra May 16th, 2009 @ 10:52 PM

    • Assigned user set to “Scytrin dai Kinthra”
    • State changed from “new” to “open”

    HttpOnly has been available as far as setting cookies via Response#set_cookie since January ninth.
    Is there a case or example outside of this that you care for?

  • Tom Macklin

    Tom Macklin May 18th, 2009 @ 03:15 PM

    You are correct. I was working with a checkout from 1/6. Sigh. I will look into integrating this functionality soon (~ two weeks) and it shouldn't be a problem; although I'll let you know if I do run into anything.

  • josh

    josh August 3rd, 2009 @ 03:04 PM

    • State changed from “open” to “resolved”

Please Sign in or create a free account to add a new ticket.

With your very own profile, you can contribute to projects, track your activity, watch tickets, receive and update tickets through your email and much more.

New-ticket Create new ticket

Create your profile

Help contribute to this project by taking a few moments to create your personal profile. Create your profile ยป