No. How should I do that?
Richard Hoffman, PhD Software Developer, Principal U.S. Army Research Laboratory Contractor, Secure Mission Solutions, a Parsons Company Phone: 410-306-4906 [email protected] [email protected] ________________________________ From: [email protected] <[email protected]> on behalf of Jan Bartel <[email protected]> Sent: Thursday, May 18, 2017 3:29 AM To: JETTY user mailing list Subject: Re: [jetty-users] Jetty 9.4.5 HttpOnly. Actually don't bother following my suggestion, I've checked the code and I can't reproduce the problem at all. Are you sure you've told your webapp to use $jetty.base/etc/webdefault.xml as its defaultsdescriptor? Jan On 18 May 2017 at 09:02, Jan Bartel <[email protected]<mailto:[email protected]>> wrote: Have you tried specifying <name>JSESSIONID</name> or whatever the name of the cookie is that you want to use inside the <cookie-config>? Let me know if that works, I'll see if we're not defaulting it to JSESSIONID if not supplied. Jan On 18 May 2017 at 01:07, Lord Buddha <[email protected]<mailto:[email protected]>> wrote: Is it/should it possible to use jetty.base/etc/webdefault.xml to default the setting of HttpOnly to true for the session cookie. Have tried <session-config> <session-timeout>30</session-timeout> <cookie-config> <http-only>true</http-only> </cookie-config> </session-config> and <session-config> <session-timeout>30</session-timeout> <http-only>true</http-only> </session-config> or is there some other alternate besides doing in the apps web.xml ? /David _______________________________________________ jetty-users mailing list [email protected]<mailto:[email protected]> To change your delivery options, retrieve your password, or unsubscribe from this list, visit https://dev.eclipse.org/mailman/listinfo/jetty-users -- Jan Bartel <[email protected]<mailto:[email protected]>> www.webtide.com<http://www.webtide.com> Expert assistance from the creators of Jetty and CometD -- Jan Bartel <[email protected]<mailto:[email protected]>> www.webtide.com<http://www.webtide.com> Expert assistance from the creators of Jetty and CometD
_______________________________________________ jetty-users mailing list [email protected] To change your delivery options, retrieve your password, or unsubscribe from this list, visit https://dev.eclipse.org/mailman/listinfo/jetty-users
