• Post Reply Bookmark Topic Watch Topic
  • New Topic

Httpsession

 
srikanth darbha
Ranch Hand
Posts: 50
  • Mark post as helpful
  • send pies
  • Quote
  • Report post to moderator
HttpSession internally uses cookies and after disabling it, still working: how?
 
srikanth darbha
Ranch Hand
Posts: 50
  • Mark post as helpful
  • send pies
  • Quote
  • Report post to moderator
Does HttpSession internally uses cookies if yes how?please anyone provide me the feedback
 
Jeanne Boyarsky
author & internet detective
Sheriff
Posts: 36007
422
Eclipse IDE Java VI Editor
  • Mark post as helpful
  • send pies
  • Quote
  • Report post to moderator
HttpSession doesn't have to use cookies. The JSESSIONID can be passed as a parameter in the URL instead. In general, this is less secure as it is easier to capture the URL. And therefore another user's session.
 
William Brogden
Author and all-around good cowpoke
Rancher
Posts: 13078
6
  • Mark post as helpful
  • send pies
  • Quote
  • Report post to moderator
srikanth darbha wrote:HttpSession internally uses cookies and after disabling it, still working: how?


Exactly how did you "disable" cookies?

Why do you think "still working"?

Bill
 
srikanth darbha
Ranch Hand
Posts: 50
  • Mark post as helpful
  • send pies
  • Quote
  • Report post to moderator
Jeanne Boyarsky wrote:HttpSession doesn't have to use cookies. The JSESSIONID can be passed as a parameter in the URL instead. In general, this is less secure as it is easier to capture the URL. And therefore another user's session.


thanks
 
What are you doing? You are supposed to be reading this tiny ad!
the new thread boost feature brings a LOT of attention to your favorite threads
https://coderanch.com/t/674455/Thread-Boost-feature
  • Post Reply Bookmark Topic Watch Topic
  • New Topic
Boost this thread!