Make the MoMpath cookie secure

Created on 20 March 2025, 20 days ago

Problem/Motivation

The MoMpath cookie is not set as httponly and SameSite. We can do this as the cookie is only handled in the server side.

Steps to reproduce

Install MoM and check the cookies when you are logged in. It will show the cookie without httponly and samesite attributes.

Proposed resolution

Adjust the logic for setting the cookie

Remaining tasks

  • create a patch/mr
  • test
  • release
📌 Task
Status

Active

Version

1.0

Component

Code

Created by

🇳🇱Netherlands arantxio Dordrecht

Live updates comments and jobs are added and updated live.
Sign in to follow issues

Merge Requests

Comments & Activities

Production build 0.71.5 2024