Hi Robert,
Stripes will not control the settings of the session cookie issued by the
container. If you are using Servlet 3.0, you can use a
<session-config><cookie-config> elementsin your web.xml to set both
HttpOnly and Secure. If you are using a Servlet version less than 3.0,
then you will need to probably check your container's documentation. Most
of the containers have server configuration parameters which allow for the
session cookies to be set as HttpOnly and Secure.
Thanks.
-- Rick
On Wed, Jun 21, 2017 at 5:33 PM, Robert Nicholson <
robert.nichol...@gmail.com> wrote:
> Does stripes allow me to set HttpOnly or Secure on the session cookie
> that's emitted?
>
> Sent from my iPhone
> ------------------------------------------------------------
> ------------------
> Check out the vibrant tech community on one of the world's most
> engaging tech sites, Slashdot.org! http://sdm.link/slashdot
> _______________________________________________
> Stripes-users mailing list
> Stripes-users@lists.sourceforge.net
> https://lists.sourceforge.net/lists/listinfo/stripes-users
>
------------------------------------------------------------------------------
Check out the vibrant tech community on one of the world's most
engaging tech sites, Slashdot.org! http://sdm.link/slashdot
_______________________________________________
Stripes-users mailing list
Stripes-users@lists.sourceforge.net
https://lists.sourceforge.net/lists/listinfo/stripes-users
