dev@javaserverfaces.java.net

[2126-FlashDataExploit] request to de-couple issues

Contemporary messages sorted: [ by date ] [ by thread ] [ by subject ] [ by author ] [ by messages with attachments ]

From: Edward Burns <edward.burns_at_oracle.com>
Date: Mon, 10 Jun 2013 14:11:44 -0700

https://java.net/jira/browse/JAVASERVERFACES-2126

I think it would help to separate out the discussion on this issue into
two parts.

1. The original intent of the issues: making the Flash more secure

2. Whether or not flash depends on the session.

related issue:

https://java.net/jira/browse/JAVASERVERFACES-1449

Is it safe to separate these? If so, I can create a new issue for part
2.

If I don't hear anything in a few days, that's what I'll do.

--

This message: [ Message body ]
Next message: Manfred Riem: "Re: Cannot get tests to run from JSF trunk"
Previous message: Andy Schwartz: "Re: Issue #2126 - Flash scope cookie enables data exploits"
Next in thread: Leonardo Uribe: "Re: [2126-FlashDataExploit] request to de-couple issues"
Reply: Leonardo Uribe: "Re: [2126-FlashDataExploit] request to de-couple issues"
Maybe reply: Edward Burns: "Re: [2126-FlashDataExploit] request to de-couple issues"
Maybe reply: Edward Burns: "Re: [2126-FlashDataExploit] request to de-couple issues"

Contemporary messages sorted: [ by date ] [ by thread ] [ by subject ] [ by author ] [ by messages with attachments ]