cordova-dev mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From Sinistralis <...@git.apache.org>
Subject [GitHub] cordova-plugin-inappbrowser pull request: Added Android cookie sha...
Date Thu, 29 Oct 2015 22:06:46 GMT
Github user Sinistralis commented on the pull request:

    https://github.com/apache/cordova-plugin-inappbrowser/pull/122#issuecomment-152341785
  
    I think we have different concerns here even though we agree on the same
    thing. If the app developer is concerned about exposing their cookies to a
    website they should be using HTTP only cookies
    On Oct 29, 2015 6:03 PM, "Jesse MacFadyen" <notifications@github.com> wrote:
    
    > The clear-cache options also clear the cookies in the inappbrowser before
    > a page loads, so if you wanted to load something you didn't trust, you
    > would use that option before the content is loaded to make sure that
    > content/site could not read your cookies.
    >
    > As far as the cordova-webview accessing cookies set inside inappbrowser by
    > a remote site, I think that is much less of a concern, and possibly even
    > something we would just allow ( much like any native app can do )
    >
    > —
    > Reply to this email directly or view it on GitHub
    > <https://github.com/apache/cordova-plugin-inappbrowser/pull/122#issuecomment-152341159>
    > .
    >



---
If your project is set up for it, you can reply to this email and have your
reply appear on GitHub as well. If your project does not have this feature
enabled and wishes so, or if the feature is enabled but not working, please
contact infrastructure at infrastructure@apache.org or file a JIRA ticket
with INFRA.
---

---------------------------------------------------------------------
To unsubscribe, e-mail: dev-unsubscribe@cordova.apache.org
For additional commands, e-mail: dev-help@cordova.apache.org


Mime
View raw message