To use new applications, we need to have the application reviewed by our security team. Overall the security team was satisfied that Jira Assistant met their requirements. They did say that they would prefer that the cookies were encrypted.
Would it be possible to encrypt the cookie data in future or at least the Jira related content ?
Thank you Greg
Hi @GregoryMachin - Jira Assistant does not create or store or directly use any cookie data. So I am not sure what cookie data are you talking about. JA just do a COR request to Jira where browser automatically send the cookies stored by Jira as part of the request. Jira Assistant do not have any control over any cookie stored by Jira and is sent as part of request.
Kindly send a snapshot of what data are you talking about encrypting and if JA has control over it, I would be happy to have it encrypted as rest. But once again I would like to highlight that JA or any library used by JA does not create or store any cookies.
Hi @GregoryMachin - Any updates on this?
Hi @GregoryMachin - Please provide additional details as requested and please feel free to reopen this ticket.