Don't miss out Virtual Happy Hour this Friday (April 26).
Try our conversational search powered by Generative AI!
AI OnAI Off
Don't miss out Virtual Happy Hour this Friday (April 26).
Mar 06, 2020
May 15, 2020
CMS Core
Closed, Fixed and tested
Prerequisite: In the config file, the user set <httpCookies httpOnlyCookies="true" requireSSL="true" /> .
Steps to reproduce
1) Open a new Incognito window.
2) Check both cookies EPi: NumberOfVisits, ASPNet Session cookie secure, and HTTPOnly flags.
3) Delete the ASPNet Session cookie.
4) Refresh the page.
5) The EPi: NumberOfVisits cookie doesn't have HttpOnly or Secure set.
6) All communication between the application and load balancer and servers is in https.