Verifies the integrety of the projects, as builds are executed immediately after a code change was detected. This plan provides no artifiacts (use a nightly build instead).
Build: #2269 was successful Changes by Guus der Kinderen
Code commits
Openfire (master)
-
Guus der Kinderen c074219f79c344db08230a778fcf7b62bd586a43
LGTM: ignore insecure-cookie when unsetting the cookie.
As long as we're exposing the admin console on a non-HTTPS endpoint (our port 9090), we will have a need to set cookies on an unsecure endpoint. This raises (rightfully) the LGTM 'insecure-cookie' alert, as Insecure cookies may be sent in cleartext, which makes them vulnerable to interception.
However, LGTM also raises this alert when we remove the cookie (which we do by setting an immediately-expired cookie with no data). The alert can be suppressed for that one.- xmppserver/src/main/java/org/jivesoftware/util/CookieUtils.java (version c074219f79c344db08230a778fcf7b62bd586a43)