tomcat-users mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From Zhi Xie <daxie...@gmail.com>
Subject Re: How to use the usehttponly feature in application level
Date Wed, 05 Dec 2012 01:54:11 GMT
Got it. Thanks, guys.


2012/12/4 Konstantin Kolinko <knst.kolinko@gmail.com>

> 2012/12/4  <techienote.com@gmail.com>:
> > Hi Zhi,
> >
> > You can set following parameters in web.xml of application.
> >
> > <session-config>
> > <cookie-config>
> > <http-only>true</http-only>
> > <secure>true</secure>
> > </cookie-config>
> > </session-config>
>
> +1. This is the best way.
>
> Note, that your web application should be using Servlet 3.0
> specification (as declared at the top of your web.xml file) to use
> this feature.
>
> Best regards,
> Konstantin Kolinko
>
> ---------------------------------------------------------------------
> To unsubscribe, e-mail: users-unsubscribe@tomcat.apache.org
> For additional commands, e-mail: users-help@tomcat.apache.org
>
>


-- 
Best Regards
Gary

Mime
  • Unnamed multipart/alternative (inline, None, 0 bytes)
View raw message