Secure cookie handling upon https to http downgrade
Jo-Philipp Wich
jo at mein.io
Fri Dec 30 12:42:37 PST 2022
Hi,
> [...]
> I renamed the new cookies to "http-sysauth" and "https-sysauth", to work
> around this and it seems to do the right thing. But there is still a fault here.
Already fixed with
https://github.com/jow-/lucihttp/commit/6e68a1065f3ed1889e5fa053b206bd3aa108bd5f
~ Jow
-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 833 bytes
Desc: OpenPGP digital signature
URL: <http://lists.openwrt.org/pipermail/openwrt-devel/attachments/20221230/033f8738/attachment.sig>
More information about the openwrt-devel
mailing list