AnsweredAssumed Answered

How to fix security vulnerability with cookies to make them HttpOnly and Secure?

Question asked by srikarvr on May 18, 2017
Latest reply on Nov 14, 2017 by bhargav.vempalli

Dear All - I am new to Alfresco world.

 

Presently we have Alfresco 5.0 environment and I am working on fixing a vulnerability related to cookies. Please can someone direct me where to make the changes to make cookies HttpOnly and Secure?

 

I tried making these changes in context.xml (<content useHttpOnly = "true">) and in server.xml <Connector port"8080"...secure="true"> but this is not fixing the issue. Instead it is causing login issue with share.

 

Regards

Srikar

Outcomes