This site is the archived OWASP Foundation Wiki and is no longer accepting Account Requests.
To view the new OWASP Foundation website, please visit https://owasp.org

Difference between revisions of "Talk:HttpOnly"

From OWASP
Jump to: navigation, search
(Created page with '== Tomcat configuration == Tomcat versions from 5.5.28 and 6.0.19 support the HttpOnly cookie option. This is configured in the conf/context.xml file: <Context useHttpOnly="t…')
 
 
Line 8: Line 8:
 
  ...
 
  ...
 
  </Context>
 
  </Context>
 +
[[User:Simon Bennetts|Simon Bennetts]] 14:40, 18 June 2010 (UTC)

Latest revision as of 13:41, 18 June 2010

Tomcat configuration

Tomcat versions from 5.5.28 and 6.0.19 support the HttpOnly cookie option.

This is configured in the conf/context.xml file:

<Context useHttpOnly="true">
...
</Context>

Simon Bennetts 14:40, 18 June 2010 (UTC)