https://bz.apache.org/bugzilla/show_bug.cgi?id=58891
--- Comment #4 from Remy Maucherat <r...@apache.org> --- Generally, I would like to keep the SSL page as a quick start, focusing on people being able to test SSL with Tomcat as easily as possible. BTW, the session cookie should be marked secure and shouldn't be leaked (assuming it is created by auth, and if it is not, the auth is supposed to renew it). The main thing I'd agree on is remove the segment on hosts, since now it is implemented. -- You are receiving this mail because: You are the assignee for the bug. --------------------------------------------------------------------- To unsubscribe, e-mail: dev-unsubscr...@tomcat.apache.org For additional commands, e-mail: dev-h...@tomcat.apache.org
