Greg Sheremeta has uploaded a new change for review.
Change subject: backend: Revert "backend: set HttpOnly for all cookies"
......................................................................
backend: Revert "backend: set HttpOnly for all cookies"
This reverts commit 98ae6ba19da5aee35004427dee273ef2d0a8d4e9.
Change-Id: I627e6f77f915fdd3fb3948d1841e1f0b892cfd66
Signed-off-by: Greg Sheremeta <gsher...@redhat.com>
---
M backend/manager/modules/docs/src/main/webapp/WEB-INF/web.xml
M backend/manager/modules/root/src/main/webapp/WEB-INF/web.xml
M backend/manager/modules/services/src/main/webapp/WEB-INF/web.xml
M
backend/manager/modules/utils/src/main/java/org/ovirt/engine/core/utils/servlet/DocsServlet.java
M
backend/manager/modules/utils/src/main/java/org/ovirt/engine/core/utils/servlet/LocaleFilter.java
M backend/manager/modules/welcome/src/main/webapp/WEB-INF/web.xml
M frontend/webadmin/modules/userportal-gwtp/src/main/webapp/WEB-INF/web.xml
M frontend/webadmin/modules/webadmin/src/main/webapp/WEB-INF/web.xml
8 files changed, 0 insertions(+), 41 deletions(-)
git pull ssh://gerrit.ovirt.org:29418/ovirt-engine refs/changes/55/27455/1
diff --git a/backend/manager/modules/docs/src/main/webapp/WEB-INF/web.xml
b/backend/manager/modules/docs/src/main/webapp/WEB-INF/web.xml
index 6d389d3..45d69e5 100644
--- a/backend/manager/modules/docs/src/main/webapp/WEB-INF/web.xml
+++ b/backend/manager/modules/docs/src/main/webapp/WEB-INF/web.xml
@@ -138,11 +138,4 @@
<error-code>404</error-code>
<location>/404.html</location>
</error-page>
-
- <session-config>
- <cookie-config>
- <http-only>true</http-only>
- </cookie-config>
- </session-config>
-
</web-app>
diff --git a/backend/manager/modules/root/src/main/webapp/WEB-INF/web.xml
b/backend/manager/modules/root/src/main/webapp/WEB-INF/web.xml
index b12a497..92d4f5b 100644
--- a/backend/manager/modules/root/src/main/webapp/WEB-INF/web.xml
+++ b/backend/manager/modules/root/src/main/webapp/WEB-INF/web.xml
@@ -127,11 +127,4 @@
<welcome-file-list>
<welcome-file>index.html</welcome-file>
</welcome-file-list>
-
- <session-config>
- <cookie-config>
- <http-only>true</http-only>
- </cookie-config>
- </session-config>
-
</web-app>
diff --git a/backend/manager/modules/services/src/main/webapp/WEB-INF/web.xml
b/backend/manager/modules/services/src/main/webapp/WEB-INF/web.xml
index 5df7ce9..8c9f15c 100644
--- a/backend/manager/modules/services/src/main/webapp/WEB-INF/web.xml
+++ b/backend/manager/modules/services/src/main/webapp/WEB-INF/web.xml
@@ -120,10 +120,4 @@
<location>/404.html</location>
</error-page>
- <session-config>
- <cookie-config>
- <http-only>true</http-only>
- </cookie-config>
- </session-config>
-
</web-app>
diff --git
a/backend/manager/modules/utils/src/main/java/org/ovirt/engine/core/utils/servlet/DocsServlet.java
b/backend/manager/modules/utils/src/main/java/org/ovirt/engine/core/utils/servlet/DocsServlet.java
index 6ffa032..1d4a461 100644
---
a/backend/manager/modules/utils/src/main/java/org/ovirt/engine/core/utils/servlet/DocsServlet.java
+++
b/backend/manager/modules/utils/src/main/java/org/ovirt/engine/core/utils/servlet/DocsServlet.java
@@ -109,7 +109,6 @@
Cookie cookie = new Cookie(LANG_PAGE_SHOWN, Boolean.toString(value));
// Scope this cookie to the (root) application context URL
cookie.setPath(getServletContext().getContextPath());
- cookie.setHttpOnly(true);
// Don't set max age, i.e. let this be a session cookie
response.addCookie(cookie);
}
diff --git
a/backend/manager/modules/utils/src/main/java/org/ovirt/engine/core/utils/servlet/LocaleFilter.java
b/backend/manager/modules/utils/src/main/java/org/ovirt/engine/core/utils/servlet/LocaleFilter.java
index 319d95c..9fda8a8 100644
---
a/backend/manager/modules/utils/src/main/java/org/ovirt/engine/core/utils/servlet/LocaleFilter.java
+++
b/backend/manager/modules/utils/src/main/java/org/ovirt/engine/core/utils/servlet/LocaleFilter.java
@@ -77,7 +77,6 @@
Cookie cookie = new Cookie(LocaleFilter.LOCALE, userLocale.toString());
cookie.setPath(ROOT_PATH);
cookie.setMaxAge(Integer.MAX_VALUE); // Doesn't expire.
- cookie.setHttpOnly(true);
response.addCookie(cookie);
}
diff --git a/backend/manager/modules/welcome/src/main/webapp/WEB-INF/web.xml
b/backend/manager/modules/welcome/src/main/webapp/WEB-INF/web.xml
index a82699e..e8590fb 100644
--- a/backend/manager/modules/welcome/src/main/webapp/WEB-INF/web.xml
+++ b/backend/manager/modules/welcome/src/main/webapp/WEB-INF/web.xml
@@ -109,11 +109,4 @@
<welcome-file-list>
<welcome-file>index.html</welcome-file>
</welcome-file-list>
-
- <session-config>
- <cookie-config>
- <http-only>true</http-only>
- </cookie-config>
- </session-config>
-
</web-app>
diff --git
a/frontend/webadmin/modules/userportal-gwtp/src/main/webapp/WEB-INF/web.xml
b/frontend/webadmin/modules/userportal-gwtp/src/main/webapp/WEB-INF/web.xml
index 8bee280..82a1013 100644
--- a/frontend/webadmin/modules/userportal-gwtp/src/main/webapp/WEB-INF/web.xml
+++ b/frontend/webadmin/modules/userportal-gwtp/src/main/webapp/WEB-INF/web.xml
@@ -111,10 +111,4 @@
</user-data-constraint>
</security-constraint>
- <session-config>
- <cookie-config>
- <http-only>true</http-only>
- </cookie-config>
- </session-config>
-
</web-app>
diff --git a/frontend/webadmin/modules/webadmin/src/main/webapp/WEB-INF/web.xml
b/frontend/webadmin/modules/webadmin/src/main/webapp/WEB-INF/web.xml
index f200688..b637adf 100644
--- a/frontend/webadmin/modules/webadmin/src/main/webapp/WEB-INF/web.xml
+++ b/frontend/webadmin/modules/webadmin/src/main/webapp/WEB-INF/web.xml
@@ -117,10 +117,4 @@
</user-data-constraint>
</security-constraint>
- <session-config>
- <cookie-config>
- <http-only>true</http-only>
- </cookie-config>
- </session-config>
-
</web-app>
--
To view, visit http://gerrit.ovirt.org/27455
To unsubscribe, visit http://gerrit.ovirt.org/settings
Gerrit-MessageType: newchange
Gerrit-Change-Id: I627e6f77f915fdd3fb3948d1841e1f0b892cfd66
Gerrit-PatchSet: 1
Gerrit-Project: ovirt-engine
Gerrit-Branch: master
Gerrit-Owner: Greg Sheremeta <gsher...@redhat.com>
_______________________________________________
Engine-patches mailing list
Engine-patches@ovirt.org
http://lists.ovirt.org/mailman/listinfo/engine-patches
