Uploaded image for project: 'Dev - Nexus Repo'
  1. Dev - Nexus Repo
  2. NEXUS-7877

prevent nexus from sending rememberMe=deleteme cookie

Details

    • Improvement
    • Resolution: Fixed
    • Minor
    • 2.11.2
    • 2.11.1
    • Transport
    • None
    • Sprint 34

    Description

      Nexus 2.x does not use Shiro RememberMe services, yet Nexus 2.x still sends a cookie back to the client for most requests:

      Set-Cookie: rememberMe=deleteme etc.

      This cookie header should be killed - it is pointless.

      NX3 does use remember me services, so this exact bug does not apply there.

      Attachments

        Activity

          People

            plynch Peter Lynch
            plynch Peter Lynch
            Peter Lynch Peter Lynch
            Votes:
            0 Vote for this issue
            Watchers:
            1 Start watching this issue

            Dates

              Created:
              Updated:
              Resolved:

              tigCommentSecurity.panel-title