tomcat-dev mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
Subject DO NOT REPLY [Bug 44382] Need to add support for HTTPOnly session cookie parameter
Date Fri, 11 Jul 2008 22:58:58 GMT

Saptarshi <> changed:

           What    |Removed                     |Added
                 CC|                            |

--- Comment #7 from Saptarshi <>  2008-07-11 15:58:57 PST ---
All the major browsers supporting it... It is useful for the security of web
applications and can help prevent XSS (if not XST). This isn't really a big
change to the code and should be done quickly.

And if anyone is thinking its only a Microsoft hack, then today we shouldn't
have AJAX in web programming.

Configure bugmail:
------- You are receiving this mail because: -------
You are the assignee for the bug.

To unsubscribe, e-mail:
For additional commands, e-mail:

View raw message