How to make Requests HttpOnly in strus1.1 [on hold]
Posted
by
WSDL
on Stack Overflow
See other posts from Stack Overflow
or by WSDL
Published on 2014-06-02T12:30:42Z
Indexed on
2014/06/10
3:26 UTC
Read the original article
Hit count: 314
struts-1
I am using struts1.2 with jboss4 sever.I have to make my requests HttpOnly.How do I make this with jobss4 and struts1.2.Please Help me .It is urgent
private void validateToken(HttpServletRequest request, HttpServletResponse response) { HttpSession session = request.getSession(true); String token = (String)session.getAttribute(TOKEN_KEY); if (token == null) { token = getRandomString(); session.setAttribute(TOKEN_KEY, token);
// System.out.println("Executing the Filter............XSS1");
response.addHeader("Set-Cookie", "httpOnly");
}
}
private String getRandomString() {
return String.valueOf(System.currentTimeMillis());
}
© Stack Overflow or respective owner