zydronium/websitepanel

Fork 0

Commit graph

Author	SHA1	Message	Date
robvde	38592df9e6	As are result of security penetration test the following changes applied: All authentication related cookies tagged as httpOnly web.config: enabledVersionHeader=false autocomplete disabled Login url injection redirection fixed session hijacking implemented Dont forget to apply ssl to your website with https and to set the requireSSL="false" to true	2012-06-21 19:39:58 +04:00

Author

SHA1

Message

Date

robvde

38592df9e6

As are result of security penetration test the following changes applied:

All authentication related cookies tagged as httpOnly
web.config: enabledVersionHeader=false
autocomplete disabled
Login url injection redirection fixed
session hijacking implemented

Dont forget to apply ssl to your website with https and to set the requireSSL="false" to true

2012-06-21 19:39:58 +04:00

1 commit