vrr/ntopng
2
0
Fork 0
mirror of https://github.com/ntop/ntopng.git synced 2026-05-08 23:25:13 +00:00
Code Issues Projects Releases Packages Wiki Activity Actions
ntopng/scripts/lua/inc
History
emanuele-f a70dce4301 Secure ntopng cookies with SameSite and HttpOnly 
HttpOnly prevents the cookie from being accessed by javascript code and restricts XMLHttpObject utilization.
See https://blog.codinghorror.com/protecting-your-cookies-httponly/ .

SameSite=lax restricts cookie utilization in iframes, images or XMLHttpRequests, but still allows external
sites to link to the ntopng webserver and use the existing authenticated user session.
See https://www.sjoerdlangkemper.nl/2016/04/14/preventing-csrf-with-samesite-cookie-attribute/ .
2018-05-16 11:43:23 +02:00
..
add_user_dialog.lua Fixes issues with long interface names 2018-04-04 16:01:30 +02:00
bridge_wizard.lua Expose HostPools information 2017-10-16 11:55:34 +02:00
change_user_password_form.lua Reworks default password change 2017-05-02 15:12:52 +02:00
delete_user_dialog.lua Extends ntopng localization 2018-02-09 19:34:02 +01:00
footer.lua Secure ntopng cookies with SameSite and HttpOnly 2018-05-16 11:43:23 +02:00
menu.lua Implements deletion of host persistent data 2018-05-14 19:47:49 +02:00
password_dialog.lua Fixes issues with long interface names 2018-04-04 16:01:30 +02:00
sankey.lua Fix host sankey 2018-03-07 11:12:37 +01:00
sprobe.lua Initial import from SVN 2015-04-30 12:22:35 +02:00
users.lua Extends ntopng localization 2018-02-09 19:34:02 +01:00