#271 - Encryption of cookie data

GregoryMachin commented on Feb 07, 2023

Checklist before you being

• I am sure that I am already using latest version of Jira Assistant
• I had verified that there are no existing requests with similar suggestion in issue tracker
• I had verified that, my query is not answered in FAQ section of website

How do you use Jira Assistant?

Browser extension

Are you using cloud version of Jira or self hosted (data center / server) of Jira.

Cloud Jira

Version of Jira Assistant

2.47

What browser are you using?

Edge

Feature Suggestion

Hi,

To use new applications, we need to have the application reviewed by our security team. Overall the security team was satisfied that Jira Assistant met their requirements. They did say that they would prefer that the cookies were encrypted.

Would it be possible to encrypt the cookie data in future or at least the Jira related content ?

Thank you Greg

Checklist before you submit

• I have ensured not to paste any confidential information like Jira url, Mail id, etc.
• I have added required screenshots (as necessary)

shridhar-tl commented on Jan 23, 2023

Hi @GregoryMachin - Jira Assistant does not create or store or directly use any cookie data. So I am not sure what cookie data are you talking about. JA just do a COR request to Jira where browser automatically send the cookies stored by Jira as part of the request. Jira Assistant do not have any control over any cookie stored by Jira and is sent as part of request.

Kindly send a snapshot of what data are you talking about encrypting and if JA has control over it, I would be happy to have it encrypted as rest. But once again I would like to highlight that JA or any library used by JA does not create or store any cookies.

shridhar-tl commented on Jan 25, 2023

Hi @GregoryMachin - Any updates on this?

shridhar-tl commented on Feb 07, 2023

Hi @GregoryMachin - Please provide additional details as requested and please feel free to reopen this ticket.