Actions
Bug #25782
closedtypo3-login-cookiecheck Cookie does not respect cookieSecure
Status:
Closed
Priority:
Should have
Assignee:
-
Category:
Backend User Interface
Target version:
-
Start date:
2011-04-06
Due date:
% Done:
0%
Estimated time:
TYPO3 Version:
4.5
PHP Version:
5.3
Tags:
Complexity:
Is Regression:
No
Sprint Focus:
Description
If $TYPO3_CONF_VARS['SYS']['cookieSecure'] and $TYPO3_CONF_VARS['BE'][lockSSL] in Install Tool are set to a value forcing secure communication for cookies the typo3-login-cookiecheck cookie is not limited to secure connections.
It is not a security flaw in this particular case but any part of the Core should obey the TYPO3_CONF_VARS settings.
Updated by Alexander Opitz almost 10 years ago
- Status changed from New to Needs Feedback
- Is Regression set to No
Hi,
as this issue is very old. Does the problem still exists within newer versions of TYPO3 CMS (6.2.3)?
Updated by Alexander Opitz almost 10 years ago
- Status changed from Needs Feedback to Closed
Ok, closing the issue. Thanks for the help.
Actions