Comments (4)
pe7er
commented on June 15, 2024
Maybe the following can be added to your plugin?
https://groups.google.com/d/msg/joomla-dev-cms/5BWPRyqb0o4/JY6-BytQy-AJ
from plg_system_httpheader.
pe7er
commented on June 15, 2024
I tried to add the method mentioned in the Google Group myself, but I couldn't get it to work.
Furthermore I heard that it's only being used by MSIE, so IMHO it's probably not worth the time...
from plg_system_httpheader.
zero-24
commented on June 15, 2024
hmm I'm not sure whether we should mess with the cookies set by some other extension here, as we can't know whether we can force an secure or httpOnly flag.
I would suggest that the cookies that get set just use the Joomla API which offers the option to set the secure and http only flag: https://github.com/joomla/joomla-cms/blob/staging/libraries/src/Input/Cookie.php#L50-L89
Or I'm just getting you wrong?
from plg_system_httpheader.
pe7er
commented on June 15, 2024
Yeah, you are right. I got the question about implementing HttpOnly and thought it could be done with your plugin. But the more I read & think about it, the less good it seems.
Thanks for looking into it! I'm closing this issue...
from plg_system_httpheader.
Related Issues (20)
- RSS feeds not working anymore after enabling the plugin HOT 2
- Update from 1.0.11 to 1.0.12 does not go through HOT 9
- Error parsing header X-XSS-Protection HOT 9
- Headers added only to admin section HOT 10
- [enhancement] Add support for Permissions-Policy HOT 7
- can I have a version of httpHeader special for php 5.4 only HOT 1
- Directive Referrer-Policy HOT 7
- purchased Template ignoring your plugin HOT 2
- Question About Plugin Effectiveness HOT 6
- Hashes do not match HOT 12
- Missing translations HOT 2
- Update to new version HOT 2
- Testing HttpHeader Plugin HOT 7
- Adding a ftp subdomain to CSP HOT 6
- Improvement to be made HOT 2
- Removing headers HOT 4
- [Feature request] Add support for enabling / disabling limiting headers to the defined list. HOT 10
- Missing Headers - Permissions-Policy HOT 6
- What would cause this plugin to stop working, code is showing up on my website headers? HOT 8
Recommend Projects
-
React
A declarative, efficient, and flexible JavaScript library for building user interfaces.
-
Vue.js
🖖 Vue.js is a progressive, incrementally-adoptable JavaScript framework for building UI on the web.
-
Typescript
TypeScript is a superset of JavaScript that compiles to clean JavaScript output.
-
TensorFlow
An Open Source Machine Learning Framework for Everyone
-
Django
The Web framework for perfectionists with deadlines.
-
Laravel
A PHP framework for web artisans
-
D3
Bring data to life with SVG, Canvas and HTML. 📊📈🎉
-
Recommend Topics
-
javascript
JavaScript (JS) is a lightweight interpreted programming language with first-class functions.
-
web
Some thing interesting about web. New door for the world.
-
server
A server is a program made to process requests and deliver data to clients.
-
Machine learning
Machine learning is a way of modeling and interpreting data that allows a piece of software to respond intelligently.
-
Visualization
Some thing interesting about visualization, use data art
-
Game
Some thing interesting about game, make everyone happy.
Recommend Org
-
Facebook
We are working to build community through open source technology. NB: members must have two-factor auth.
-
Microsoft
Open source projects and samples from Microsoft.
-
Google
Google ❤️ Open Source for everyone.
-
Alibaba
Alibaba Open Source for everyone
-
D3
Data-Driven Documents codes.
-
Tencent
China tencent open source team.
from plg_system_httpheader.