search

ESGF / esg-orp

ESGF Openid Relying Party (ORP)
http://esgf.org/esg-orp/
Other
3 stars 6 forks source link

Secure the openid cookie #21

Closed LucaCinquini closed 8 years ago

LucaCinquini commented 8 years ago

The user openid is stored in a cookie which currently is not secured - it can be sent through HTTP or HTTPS connections.

LucaCinquini commented 8 years ago

Done - the openid cookie set by the ORP can now be transmitted only through encrypted connections.