Configure HTTPONLY for Horizon Session Cookie

Solution Verified - Updated -

Issue

Horizon Session cookie is missing the HttpOnly header, which can be a security vulnerability.

Environment

Red Hat Openstack Platform 10
Red Hat Openstack Platform 13
Red Hat Openstack Platform 16

Subscriber exclusive content

A Red Hat subscription provides unlimited access to our knowledgebase of over 48,000 articles and solutions.

Current Customers and Partners

Log in for full access

Log In