How to make Requests HttpOnly in strus1.1 [on hold]

Posted by WSDL on Stack Overflow See other posts from Stack Overflow or by WSDL
Published on 2014-06-02T12:30:42Z Indexed on 2014/06/10 3:26 UTC
Read the original article Hit count: 314

Filed under:

I am using struts1.2 with jboss4 sever.I have to make my requests HttpOnly.How do I make this with jobss4 and struts1.2.Please Help me .It is urgent

private void validateToken(HttpServletRequest request, HttpServletResponse response) { HttpSession session = request.getSession(true); String token = (String)session.getAttribute(TOKEN_KEY); if (token == null) { token = getRandomString(); session.setAttribute(TOKEN_KEY, token);

       // System.out.println("Executing the Filter............XSS1");
        response.addHeader("Set-Cookie",  "httpOnly");
    }

 }
 private String getRandomString() {
        return String.valueOf(System.currentTimeMillis()); 
  }

© Stack Overflow or respective owner

Related posts about struts-1