Fantastic, thank you! On Thu, Dec 24, 2015 at 6:23 AM, Joakim Erdfelt <[email protected]> wrote:
> Jetty 7 is old ... VERY old now ... > > It was supporting Servlet 2.5, which didn't support setting the HttpOnly > option in the cookies. > The result was that the only way to set that was to do it via the > SessionManager directly. > > However, lots has changed since then. > Jetty 9 is Servlet 3.1, it has a javax.servlet.SessionCookieConfig object > > http://docs.oracle.com/javaee/7/api/javax/servlet/SessionCookieConfig.html > > In there, you will find setHttpOnly(boolean) > > http://docs.oracle.com/javaee/7/api/javax/servlet/SessionCookieConfig.html#setHttpOnly-boolean- > > You can choose to use the ServletContext when the webapp is started (or > starting) and configure it using normal servlet initialization techniques. > > Or you can use the same object via the SessionManager. > > > webappcontext.getSessionHandler().getSessionManager().getSessionCookieConfig().setHttpOnly(true); > > > Joakim Erdfelt / [email protected] > > On Wed, Dec 23, 2015 at 6:06 PM, Benjamin Jaton <[email protected]> > wrote: > >> Hello, >> >> I am trying to grammatically set the HTTPOnly option, I found this: >> >> http://stackoverflow.com/questions/12968217/making-jsessionid-cookie-be-httponly-in-jetty-7 >> >> So I expected to see a setHttpOnly(boolean) here: >> >> http://download.eclipse.org/jetty/9.3.6.v20151106/apidocs/org/eclipse/jetty/server/SessionManager.html >> >> but no luck. >> Any pointers? >> >> Thanks >> Ben >> >> _______________________________________________ >> jetty-users mailing list >> [email protected] >> To change your delivery options, retrieve your password, or unsubscribe >> from this list, visit >> https://dev.eclipse.org/mailman/listinfo/jetty-users >> > > > _______________________________________________ > jetty-users mailing list > [email protected] > To change your delivery options, retrieve your password, or unsubscribe > from this list, visit > https://dev.eclipse.org/mailman/listinfo/jetty-users >
_______________________________________________ jetty-users mailing list [email protected] To change your delivery options, retrieve your password, or unsubscribe from this list, visit https://dev.eclipse.org/mailman/listinfo/jetty-users
