Cookie set on memcached failure doesn't honor request's secure property

mauriciorodrigues / memcached-session-manager

Automatically exported from code.google.com/p/memcached-session-manager

0 stars 0 forks source link

Cookie set on memcached failure doesn't honor request's secure property #47

Closed GoogleCodeExporter closed 8 years ago

GoogleCodeExporter commented 8 years ago

When the memcached node fails a session is associated with and the session
therefore gets relocated to another memcached node, the
memcached-session-manager sets a new JSESSIONID cookie (with the session id
containing the new memcached node id).

This cookie does not have the "Secure" property set if the request was done
over a secure connection (https).

Original issue reported on code.google.com by martin.grotzke on 16 Mar 2010 at 10:05

GoogleCodeExporter commented 8 years ago

Fixed, will be released with 1.2

Original comment by martin.grotzke on 16 Mar 2010 at 10:08

Changed state: Fixed
Added labels: Milestone-1.2