Win a copy of Functional Reactive Programming this week in the Other Languages forum!
  • Post Reply
  • Bookmark Topic Watch Topic
  • New Topic

How to set Httponly to cookie consistently

 
santosh batta
Ranch Hand
Posts: 42
  • Mark post as helpful
  • send pies
  • Quote
  • Report post to moderator
Hi All,

We have a web application running on jboss EAP 6.1 server. Recent web scanner reported that there is a potential security issue with the application. The cookies do not have "Httponly" in the response. I tried to set using web.xml as follows..



I could see this attribute for the first time, when I hit the URL. But after login, I do NOT see the attribute. Basically, I want this attribute set to all the cookies. Can you please help me, understand the issue and how can I set this attribute to all cookies?
 
  • Post Reply
  • Bookmark Topic Watch Topic
  • New Topic