[wp-trac] Re: [WordPress Trac] #7677: WordPress should implement HttpOnly Cookies to slow down XSS

WordPress Trac wp-trac at lists.automattic.com
Wed Sep 3 16:48:49 GMT 2008


#7677: WordPress should implement HttpOnly Cookies to slow down XSS
----------------------------------------------+-----------------------------
 Reporter:  _ck_                              |        Owner:  anonymous
     Type:  defect                            |       Status:  new      
 Priority:  high                              |    Milestone:  2.7      
Component:  Security                          |      Version:           
 Severity:  major                             |   Resolution:           
 Keywords:  cookies needs-patch dev-reviewed  |  
----------------------------------------------+-----------------------------
Changes (by westi):

  * keywords:  cookies needs-patch => cookies needs-patch dev-reviewed

Comment:

 Replying to [comment:5 ryan]:
 > I think all of the document.cookie references in our JS are for cookies
 > other than the auth cookies.  Those cookies won't be httponly.

 Cool

 +1 to patch

-- 
Ticket URL: <http://trac.wordpress.org/ticket/7677#comment:7>
WordPress Trac <http://trac.wordpress.org/>
WordPress blogging software

