Changes for page Security

Last modified by Vincent Massol on 2021/07/21
<
From version < 23.1 >
edited by Thomas Mortagne
on 2017/12/08
To version < 22.1 >
edited by Vincent Massol
on 2017/09/06
>
Change comment: Renamed back-links.

Summary

Details

Page properties
Author
... ... @@ -1,1 +1,1 @@
1 -XWiki.ThomasMortagne
1 +XWiki.VincentMassol
Content
... ... @@ -49,8 +49,7 @@
49 49  === Encrypt cookies using IP address ===
50 50  
51 51  Even if the password cannot be extracted from the cookie, the cookies might be stolen (see [[XSS>>Documentation.AdminGuide.Security#HCrossSiteScripting]]) and used as they are.
52 -To limit that by default the cookies are blocked from being used except by the same IP address which got them.
53 -You can disabled this by setting the //[[xwiki.cfg>>Documentation.AdminGuide.Configuration#HSamplexwiki.cfg]]// parameter ##xwiki.authentication.useip## to false.
52 +By setting the //[[xwiki.cfg>>Documentation.AdminGuide.Configuration#HSamplexwiki.cfg]]// parameter ##xwiki.authentication.useip## to true you can block the cookies from being used except by the same IP address which got them.
54 54  
55 55  == Override version information ==
56 56  

About

About

Support

Platform

User Guide

Admin Guide

Developer Guide

Projects

XWiki

Extensions

Other

Contribute

Status

Practices

Under the Hood

Get Involved

Get Connected