Talk:HttpOnly

From OWASP
Revision as of 07:37, 18 June 2010 by Simon Bennetts (talk | contribs) (Created page with '== Tomcat configuration == Tomcat versions from 5.5.28 and 6.0.19 support the HttpOnly cookie option. This is configured in the conf/context.xml file: <Context useHttpOnly="t…')

(diff) ← Older revision | Latest revision (diff) | Newer revision → (diff)
Jump to: navigation, search

Tomcat configuration

Tomcat versions from 5.5.28 and 6.0.19 support the HttpOnly cookie option.

This is configured in the conf/context.xml file:

<Context useHttpOnly="true">
...
</Context>