Want to write articles/new answer to be published in javapedia.net? Send in your article with your name to javatutorials2016@gmail.com!

Prev Next

Servlet / Servlet Interview Questions

How to protect session cookies in Servlet?

For Java EE 6 (Servlet 3.0) the setHttpOnly and setSecure methods can be used to protect HTTP Cookies.

For older Java versions, there are no API available to directly set the HttpOnly and Secure flags. The workaround is creating a custom SET-COOKIE header.

String sessionId = request.gerSession().getId();
Response.setHeader("SET-COOKIE", "JSESSIONID=" + sessionId + "; HttpOnly; Secure");

❤Cash Back At Stores you Love !!!❤

Earn your $10 reward when you make your first purchase through Ebates by signing up with clicking below button.

Ebates Coupons and Cash Back

More Related questions...

Show more question and Answers...


Comments & Discussions