We recently upgraded from 6.0.14 to 6.0.18 due to an XSS security alert we
received.
The following code was working in 6.0.14 version but not in 6.0.18. Can
anyone explain this or a work around.
String sessionId = "Our session ID";
String cookieValue = sessionId + "; Path=/; HttpOnly ";
Cookie cookie = new Cookie("sessionId", cookieValue);
cookie.setVersion(1);
response.addCookie(cookie);
Thanks,
Kal
--
View this message in context:
http://www.nabble.com/Tomcat-Experts---Need-help-with-Cookie-support-in-6.0.18-tp18980912p18980912.html
Sent from the Tomcat - User mailing list archive at Nabble.com.
---------------------------------------------------------------------
To start a new topic, e-mail: users@tomcat.apache.org
To unsubscribe, e-mail: [EMAIL PROTECTED]
For additional commands, e-mail: [EMAIL PROTECTED]
