-
as seen on Stack Overflow
- Search for 'Stack Overflow'
JavaScript needs access to cookies if AJAX is used on a site with access restrictions based on cookies. Will HttpOnly cookies work on an AJAX site?
Edit: Microsoft created a way to prevent XSS attacks by disallowing JavaScript access to cookies if HttpOnly is specified. FireFox later adopted this…
>>> More
-
as seen on Stack Overflow
- Search for 'Stack Overflow'
Hello all,
Does anyone know exactly how to set HTTPONLY on classic ASP session cookies?
This is the final thing that's been flagged in a vulnerability scan and needs fixing ASAP, so any help is appreciated.
Thanks
Elliott
>>> More
-
as seen on Stack Overflow
- Search for 'Stack Overflow'
I'm trying to set the httponly flag on the JSESSIONID cookie. I'm working in Java EE 5, however, and can't use setHttpOnly(). First I tried to create my own JSESSIONID cookie from within the servlet's doPost() by using response.setHeader(). When that didn't work, I tried response.addHeader(). …
>>> More
-
as seen on Stack Overflow
- Search for 'Stack Overflow'
Anyone know how I can use httponly cookies for sessions and cookies on the app engine?
In the javadoc for the Cookie class, http://java.sun.com/javaee/6/docs/api/javax/servlet/http/Cookie.html#setHttpOnly(boolean) ,
there is a setHttpOnly method.
I get a compiler error when trying to use it when…
>>> More
-
as seen on Stack Overflow
- Search for 'Stack Overflow'
Hello all,
Does anyone know exactly how to set HTTPONLY on classic ASP session cookies?
This is the final thing that's been flagged in a vulnerability scan and needs fixing ASAP, so any help is appreciated.
~~~A LITTLE MORE INFORMATION ON MY PROBLEM~~~
Can anyone please help me with this?
I need…
>>> More