简体繁体 English

如何使用Servlet API 2.5创建HttpOnly cookie？

[英]How can I create HttpOnly cookies using Servlet API 2.5?

原文 2012-09-24 18:50:52 0 1 java/ servlets/ cookies/ servlet-2.5

I'm working with a web application that uses Servlet API v2.5, running on Tomcat 6, and I need to send HttpOnly cookies to the client. 我正在使用在Tomcat 6上运行的使用Servlet API v2.5的Web应用程序，我需要向客户端发送HttpOnly cookie。 I'm not talking about session cookies generated by the servlet container (which is covered excellently by this question ), but custom cookies added to the response using response.addCookie() . 我不是在谈论servlet容器生成的会话cookie（这个问题很好地介绍了），但使用response.addCookie()将自定义cookie添加到响应中。

The Cookie#setHttpOnly() method does not exist in v2.5, so I have to build the HTTP header myself and add the HttpOnly token. Cookie#setHttpOnly()方法在v2.5中不存在，因此我必须自己构建HTTP标头并添加HttpOnly标记。 Is there an easy way to do this without rolling my own implementation of RFC 6265 from scratch? 有没有一种简单的方法可以做到这一点，而无需从头开始自己实现RFC 6265 ？

1 个解决方案

Maybe you will need to implement a org.apache.catalina.Valve (which works on a very similar philosophy to a Servlet Filter) and cast the cookies to org.apache.tomcat.util.http.ServerCookie so that you can access low-level details in order to stick 'HttpOnly' in there. 也许您需要实现一个org.apache.catalina.Valve （它与Servlet过滤器的工作原理非常相似）并将cookie转换为org.apache.tomcat.util.http.ServerCookie以便您可以访问低 -水平细节，以便在那里坚持'HttpOnly'。

Tomcat API JavaDocs Tomcat API JavaDocs

如何在servlet API 2.5中将会话cookie设置为仅Http-Only？ - How can I set session cookies to be Http-Only in servlet API 2.5?

我可以将Apache Tomcat 7与servlet api 2.5一起使用 - Can I use Apache Tomcat 7 with servlet api 2.5

如何在Vaadin中禁用HttpOnly cookie？ - How do i disable HttpOnly cookies in Vaadin?

使用javax.servlet 2.5设置httponly cookie - Setting an httponly cookie with javax.servlet 2.5

如何从Java客户端获取httponly cookie？ - How to get httponly cookies from a Java client?

如何在Java Servlet过滤器中检索所有cookie，即使具有相同的名称和相同的域？ - How can I retrieve all cookies, even with the same name and same domain, in java servlet filter?

带有servlet-api 2.5的Spring Cloud Zuul - Spring cloud Zuul with servlet-api 2.5

如何在Intellij Idea中使用Maven创建Servlet项目？ - How can I create Servlet project with maven in Intellij Idea?

如何通过Servlet在项目文件夹中创建文件？ - How can I create a file in my project folder through Servlet?

关于java web session handeling如何工作的困惑。使用servlet api和HttpSession对象揭开Cookie和标头差异的神秘面纱 - Confusion about how java web session handeling works. Demystifying Cookies and Header differences using servlet api and HttpSession object

暂无

暂无

声明:本站的技术帖子网页，遵循CC BY-SA 4.0协议，如果您需要转载，请注明本站网址或者原文地址。任何问题请咨询:yoyou2525@163.com.

相关问题 如何在servlet API 2.5中将会话cookie设置为仅Http-Only？ - How can I set session cookies to be Http-Only in servlet API 2.5? 我可以将Apache Tomcat 7与servlet api 2.5一起使用 - Can I use Apache Tomcat 7 with servlet api 2.5 如何在Vaadin中禁用HttpOnly cookie？ - How do i disable HttpOnly cookies in Vaadin? 使用javax.servlet 2.5设置httponly cookie - Setting an httponly cookie with javax.servlet 2.5 如何从Java客户端获取httponly cookie？ - How to get httponly cookies from a Java client? 如何在Java Servlet过滤器中检索所有cookie，即使具有相同的名称和相同的域？ - How can I retrieve all cookies, even with the same name and same domain, in java servlet filter? 带有servlet-api 2.5的Spring Cloud Zuul - Spring cloud Zuul with servlet-api 2.5 如何在Intellij Idea中使用Maven创建Servlet项目？ - How can I create Servlet project with maven in Intellij Idea? 如何通过Servlet在项目文件夹中创建文件？ - How can I create a file in my project folder through Servlet? 关于java web session handeling如何工作的困惑。使用servlet api和HttpSession对象揭开Cookie和标头差异的神秘面纱 - Confusion about how java web session handeling works. Demystifying Cookies and Header differences using servlet api and HttpSession object

相关标签

粤ICP备18138465号 © 2020-2024 STACKOOM.COM