Comments (4)
Maybe the following can be added to your plugin?
https://groups.google.com/d/msg/joomla-dev-cms/5BWPRyqb0o4/JY6-BytQy-AJ
from plg_system_httpheader.
I tried to add the method mentioned in the Google Group myself, but I couldn't get it to work.
Furthermore I heard that it's only being used by MSIE, so IMHO it's probably not worth the time...
from plg_system_httpheader.
hmm I'm not sure whether we should mess with the cookies set by some other extension here, as we can't know whether we can force an secure or httpOnly flag.
I would suggest that the cookies that get set just use the Joomla API which offers the option to set the secure and http only flag: https://github.com/joomla/joomla-cms/blob/staging/libraries/src/Input/Cookie.php#L50-L89
Or I'm just getting you wrong?
from plg_system_httpheader.
Yeah, you are right. I got the question about implementing HttpOnly and thought it could be done with your plugin. But the more I read & think about it, the less good it seems.
Thanks for looking into it! I'm closing this issue...
from plg_system_httpheader.
Related Issues (20)
- RSS feeds not working anymore after enabling the plugin HOT 2
- Update from 1.0.11 to 1.0.12 does not go through HOT 9
- Error parsing header X-XSS-Protection HOT 9
- Headers added only to admin section HOT 10
- [enhancement] Add support for Permissions-Policy HOT 7
- can I have a version of httpHeader special for php 5.4 only HOT 1
- Directive Referrer-Policy HOT 7
- purchased Template ignoring your plugin HOT 2
- Question About Plugin Effectiveness HOT 6
- Hashes do not match HOT 12
- Missing translations HOT 2
- Update to new version HOT 2
- Testing HttpHeader Plugin HOT 7
- Adding a ftp subdomain to CSP HOT 6
- Improvement to be made HOT 2
- Removing headers HOT 4
- [Feature request] Add support for enabling / disabling limiting headers to the defined list. HOT 10
- Missing Headers - Permissions-Policy HOT 6
- What would cause this plugin to stop working, code is showing up on my website headers? HOT 8
Recommend Projects
-
React
A declarative, efficient, and flexible JavaScript library for building user interfaces.
-
Vue.js
🖖 Vue.js is a progressive, incrementally-adoptable JavaScript framework for building UI on the web.
-
Typescript
TypeScript is a superset of JavaScript that compiles to clean JavaScript output.
-
TensorFlow
An Open Source Machine Learning Framework for Everyone
-
Django
The Web framework for perfectionists with deadlines.
-
Laravel
A PHP framework for web artisans
-
D3
Bring data to life with SVG, Canvas and HTML. 📊📈🎉
-
Recommend Topics
-
javascript
JavaScript (JS) is a lightweight interpreted programming language with first-class functions.
-
web
Some thing interesting about web. New door for the world.
-
server
A server is a program made to process requests and deliver data to clients.
-
Machine learning
Machine learning is a way of modeling and interpreting data that allows a piece of software to respond intelligently.
-
Visualization
Some thing interesting about visualization, use data art
-
Game
Some thing interesting about game, make everyone happy.
Recommend Org
-
Facebook
We are working to build community through open source technology. NB: members must have two-factor auth.
-
Microsoft
Open source projects and samples from Microsoft.
-
Google
Google ❤️ Open Source for everyone.
-
Alibaba
Alibaba Open Source for everyone
-
D3
Data-Driven Documents codes.
-
Tencent
China tencent open source team.
from plg_system_httpheader.