
How do I disable HttpOnly cookies in Vaadin?

I have set a cookie in Vaadin and tried to get it from another application, which was running on a different server, but I was not able to get the cookie that I set in Vaadin.

We need to disable httpOnly cookie.

Can anyone help me solve this issue?

The cookies are set in the Set-Cookie header. To get them, you can use the following code:

URLConnection urlConnection = new URL("url-of-your-web-app-here").openConnection();
List<String> cookiesList = urlConnection.getHeaderFields().get("Set-Cookie");

You can remove the flag manually by deleting HttpOnly:

response.setHeader( "Set-Cookie", "name=value; HttpOnly");

If you're working in a Servlet 3.0 or newer environment, configure your web.xml as follows:

<session-config>
   <cookie-config>
      <http-only>false</http-only>
   </cookie-config>
</session-config>

Note: The HttpOnly flag is an additional flag that is used to prevent an XSS (Cross-Site Scripting) exploit from gaining access to the session cookie.
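
An added example, not part of the original answer: the `<cookie-config>` setting in web.xml applies to the servlet session cookie, so after that change it is worth checking which cookies actually lost the flag. This sketch parses Set-Cookie header values (such as those returned by `getHeaderFields().get("Set-Cookie")`) with the JDK's `java.net.HttpCookie` and reports sensitive cookies that are missing HttpOnly or Secure; the header values and the `uiTheme` cookie name are constructed for illustration, and Java 9+ is assumed.

```java
import java.net.HttpCookie;
import java.util.ArrayList;
import java.util.List;
import java.util.Set;

public class CookieFlagAudit {

    // Returns one finding per sensitive cookie that is missing HttpOnly or Secure.
    static List<String> audit(List<String> setCookieHeaders, Set<String> sensitiveNames) {
        List<String> findings = new ArrayList<>();
        for (String header : setCookieHeaders) {
            // HttpCookie.parse understands the HttpOnly and Secure attributes
            // and ignores attributes it does not know.
            for (HttpCookie c : HttpCookie.parse(header)) {
                if (!sensitiveNames.contains(c.getName())) {
                    continue; // cookies that are meant to be shared are not checked
                }
                if (!c.isHttpOnly()) {
                    findings.add(c.getName() + ": missing HttpOnly");
                }
                if (!c.getSecure()) {
                    findings.add(c.getName() + ": missing Secure");
                }
            }
        }
        return findings;
    }

    public static void main(String[] args) {
        // Constructed sample: headers as they look once <http-only>false</http-only>
        // is applied to the session cookie.
        List<String> afterWebXmlChange = List.of(
            "JSESSIONID=0123456789ABCDEF; Path=/app; Secure",
            "uiTheme=dark; Path=/app; Secure");
        // Constructed sample: only the application cookie (hypothetical name
        // uiTheme) is left without HttpOnly; the session cookie keeps the flag.
        List<String> onlyAppCookieExposed = List.of(
            "JSESSIONID=0123456789ABCDEF; Path=/app; Secure; HttpOnly",
            "uiTheme=dark; Path=/app; Secure");

        Set<String> sensitive = Set.of("JSESSIONID");
        System.out.println("web.xml http-only=false: " + audit(afterWebXmlChange, sensitive));
        System.out.println("only uiTheme exposed:    " + audit(onlyAppCookieExposed, sensitive));
    }
}
```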
