Remy,
I recommend more careful research on this topic.
IE 6+ supports HttpOnly
FireFox 2.0.0.6+ support HttpOnly
Opera 9.5+ has promised HttpOnly support
Safari is still considering
On Mon, 2008-03-10 at 08:16 -0400, Jim Manico wrote:
Rely,
This is not a ms hack, but a security enhancement
On Mon, 2008-03-10 at 08:16 -0400, Jim Manico wrote:
> Rely,
>
> This is not a ms hack, but a security enhancement supported by all
> browsers. Do some research and get back to us.
This feature does not have good browser support, and I think it's a
hack. Well, at least you know how I will vote
Rely,
This is not a ms hack, but a security enhancement supported by all
browsers. Do some research and get back to us.
Jim
On Mar 10, 2008, at 5:33 AM, Remy Maucherat <[EMAIL PROTECTED]> wrote:
On Sun, 2008-03-09 at 19:56 -0700, Filip Hanik - Dev Lists wrote:
haven't forgotten about you,
On Sun, 2008-03-09 at 19:56 -0700, Filip Hanik - Dev Lists wrote:
> haven't forgotten about you, it's still on the todo list.
I am against adding support for IE only hacks ?
Rémy
-
To unsubscribe, e-mail: [EMAIL PROTECTED]
For
Jim Manico wrote:
Any thoughts would be greatly appreciated.
If you add your patch (in diff -u format) to the bugzilla enhancement
request you created then there is a much better chance it won't get forgotten.
Mark
-
To uns
haven't forgotten about you, it's still on the todo list.
Filip
Jim Manico wrote:
Gentlemen,
I'd like to make a suggestion to add HTTPOnly support to Tomcat 5.5
(for starters). This is a significant security enhancement that will
assist in preventing XSS attacks.
http://msdn2.microsoft.com/
