Last modified: 2013-04-10 06:28:04 UTC
Jenkins does not flag cookies as secure, thus they can be sent unencrypted! Upstream issue: https://issues.jenkins-ci.org/browse/JENKINS-12751
No news in upstream bug tracker.
Timo please leave the '[upstream] ' prefix in the summary. That let me skip the bug easily when reviewing the bug list :-]
setting back to low since I want to check it from time to time (lowest are ignored).
(In reply to comment #2) > Timo please leave the '[upstream] ' prefix in the summary. That let me skip > the bug easily when reviewing the bug list :-] Fix whatever query you use to exclude those? (NOT keyword:upstream) Anyway, I'll leave it. But I'm not going to add it everywhere, this logic doesn't scale and is rather biased.