Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Set HttpOnly argument for cookies to true #230

Merged
merged 1 commit into from
Dec 16, 2024

Conversation

ke4
Copy link
Contributor

@ke4 ke4 commented Dec 16, 2024

With this change we increase the security of the cookies by set the HttpOnly parameters of the cookies to true.
We set it in 3 different ways:

  • in the web.xml file
  • in the context.xml file
  • create a new listener that set this argument (HttpOnly) to true.

@ke4 ke4 added the Improvement Improve/refactor existing code label Dec 16, 2024
@ke4 ke4 requested a review from upendrakumbham December 16, 2024 15:34
@ke4 ke4 self-assigned this Dec 16, 2024
@ke4 ke4 linked an issue Dec 16, 2024 that may be closed by this pull request
Copy link
Contributor

@upendrakumbham upendrakumbham left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

LGTM! Please double check indentation one more time before merge.

@ke4 ke4 merged commit f049a29 into develop Dec 16, 2024
2 checks passed
@ke4 ke4 deleted the chore/httponly_true_for_cookies branch December 16, 2024 17:28
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Labels
Improvement Improve/refactor existing code
Projects
None yet
Development

Successfully merging this pull request may close these issues.

Add HttpOnly header to our web pages
2 participants