Cookie Secure Attribute - Clarification

From: John Wilander (john.wilanderowasp.org)
Date: Sat Feb 27 2010 - 05:44:50 CST


2010/2/26 arvind doraiswamy <arvind.doraiswamygmail.com>
>
> A little bit of clarification needed about the 'Secure' attribute to
> be set in a Cookie.

 Hi Arvind!

Just to be sure:

1. Is the problem that your web server sends secure cookies to the
client over http (i.e. in cleartext)?
2. Is the problem that the client's browser sends secure cookies back
to the server over http?
3. Is the problem both of the above?

If the web server is (part of) the problem, could you tell us which
one you're using?

   Regards, John

--
John Wilander
Chapter leader OWASP Sweden
Conference chair OWASP AppSec Research 2010
http://www.owasp.org/index.php/OWASP_AppSec_Research_2010_-_Stockholm,_Sweden
