Encryption of cookie data
Checklist before you being
- [X] I am sure that I am already using latest version of Jira Assistant
- [X] I had verified that there are no existing requests with similar suggestion in issue tracker
- [X] I had verified that, my query is not answered in FAQ section of website
How do you use Jira Assistant?
Are you using cloud version of Jira or self hosted (data center / server) of Jira.
Version of Jira Assistant
What browser are you using?
To use new applications, we need to have the application reviewed by our security team. Overall the security team was satisfied that Jira Assistant met their requirements. They did say that they would prefer that the cookies were encrypted.
Would it be possible to encrypt the cookie data in future or at least the Jira related content ?
Thank you Greg
Checklist before you submit
- [X] I have ensured not to paste any confidential information like Jira url, Mail id, etc.
- [X] I have added required screenshots (as necessary)
Hi @GregoryMachin - Jira Assistant does not create or store or directly use any cookie data. So I am not sure what cookie data are you talking about. JA just do a COR request to Jira where browser automatically send the cookies stored by Jira as part of the request. Jira Assistant do not have any control over any cookie stored by Jira and is sent as part of request.
Kindly send a snapshot of what data are you talking about encrypting and if JA has control over it, I would be happy to have it encrypted as rest. But once again I would like to highlight that JA or any library used by JA does not create or store any cookies.
Hi @GregoryMachin - Any updates on this?