stackoom
  简体   繁体   中英

How can I create HttpOnly cookies using Servlet API 2.5?

 原文  2012-09-24 18:50:52       java/ servlets/ cookies/ servlet-2.5

Question

I'm working with a web application that uses Servlet API v2.5, running on Tomcat 6, and I need to send HttpOnly cookies to the client. I'm not talking about session cookies generated by the servlet container (which is covered excellently by this question ), but custom cookies added to the response using response.addCookie() .

The Cookie#setHttpOnly() method does not exist in v2.5, so I have to build the HTTP header myself and add the HttpOnly token. Is there an easy way to do this without rolling my own implementation of RFC 6265 from scratch?

1 answers

solution1
 0  2012-10-31 13:58:40

Maybe you will need to implement a org.apache.catalina.Valve (which works on a very similar philosophy to a Servlet Filter) and cast the cookies to org.apache.tomcat.util.http.ServerCookie so that you can access low-level details in order to stick 'HttpOnly' in there.

Tomcat API JavaDocs

暂无
暂无

The technical post webpages of this site follow the CC BY-SA 4.0 protocol. If you need to reprint, please indicate the site URL or the original address.Any question please contact:yoyou2525@163.com.

Related Question How can I set session cookies to be Http-Only in servlet API 2.5? Can I use Apache Tomcat 7 with servlet api 2.5 How do i disable HttpOnly cookies in Vaadin? Setting an httponly cookie with javax.servlet 2.5 How to get httponly cookies from a Java client? How can I retrieve all cookies, even with the same name and same domain, in java servlet filter? Spring cloud Zuul with servlet-api 2.5 How can I create Servlet project with maven in Intellij Idea? How can I create a file in my project folder through Servlet? Confusion about how java web session handeling works. Demystifying Cookies and Header differences using servlet api and HttpSession object
Related Tags
 
粤ICP备18138465号  © 2020-2024 STACKOOM.COM