Uploaded image for project: 'Dev - Nexus Repo'
  1. Dev - Nexus Repo
  2. NEXUS-7877

prevent nexus from sending rememberMe=deleteme cookie

    XMLWordPrintable

    Details

    • Type: Improvement
    • Status: Closed
    • Priority: Minor
    • Resolution: Fixed
    • Affects Version/s: 2.11.1
    • Fix Version/s: 2.11.2
    • Component/s: Transport
    • Labels:
      None
    • Sprint:
      Sprint 34

      Description

      Nexus 2.x does not use Shiro RememberMe services, yet Nexus 2.x still sends a cookie back to the client for most requests:

      Set-Cookie: rememberMe=deleteme etc.

      This cookie header should be killed - it is pointless.

      NX3 does use remember me services, so this exact bug does not apply there.

        Attachments

          Activity

            People

            Assignee:
            plynch Peter Lynch
            Reporter:
            plynch Peter Lynch
            Last Updated By:
            Peter Lynch Peter Lynch
            Votes:
            0 Vote for this issue
            Watchers:
            1 Start watching this issue

              Dates

              Created:
              Updated:
              Resolved:

                tigCommentSecurity.panel-title