• Post Reply Bookmark Topic Watch Topic
  • New Topic
programming forums Java Mobile Certification Databases Caching Books Engineering Micro Controllers OS Languages Paradigms IDEs Build Tools Frameworks Application Servers Open Source This Site Careers Other all forums
this forum made possible by our volunteer staff, including ...
Marshals:
  • Liutauras Vilda
  • Campbell Ritchie
  • Tim Cooke
  • Bear Bibeault
  • Devaka Cooray
Sheriffs:
  • Jeanne Boyarsky
  • Knute Snortum
  • Junilu Lacar
Saloon Keepers:
  • Tim Moores
  • Ganesh Patekar
  • Stephan van Hulst
  • Pete Letkeman
  • Carey Brown
Bartenders:
  • Tim Holloway
  • Ron McLeod
  • Vijitha Kumara

Httpsession  RSS feed

 
Ranch Hand
Posts: 56
  • Mark post as helpful
  • send pies
  • Quote
  • Report post to moderator
HttpSession internally uses cookies and after disabling it, still working: how?
 
srikanth darbha
Ranch Hand
Posts: 56
  • Mark post as helpful
  • send pies
  • Quote
  • Report post to moderator
Does HttpSession internally uses cookies if yes how?please anyone provide me the feedback
 
author & internet detective
Sheriff
Posts: 38569
659
Eclipse IDE Java VI Editor
  • Mark post as helpful
  • send pies
  • Quote
  • Report post to moderator
HttpSession doesn't have to use cookies. The JSESSIONID can be passed as a parameter in the URL instead. In general, this is less secure as it is easier to capture the URL. And therefore another user's session.
 
Author and all-around good cowpoke
Rancher
Posts: 13078
6
  • Mark post as helpful
  • send pies
  • Quote
  • Report post to moderator

srikanth darbha wrote:HttpSession internally uses cookies and after disabling it, still working: how?



Exactly how did you "disable" cookies?

Why do you think "still working"?

Bill
 
srikanth darbha
Ranch Hand
Posts: 56
  • Mark post as helpful
  • send pies
  • Quote
  • Report post to moderator

Jeanne Boyarsky wrote:HttpSession doesn't have to use cookies. The JSESSIONID can be passed as a parameter in the URL instead. In general, this is less secure as it is easier to capture the URL. And therefore another user's session.



thanks
  • Post Reply Bookmark Topic Watch Topic
  • New Topic
Boost this thread!