Hello,
I would like to add cookie flags - secure and http only - to session cookie. Currently they are not set.
Can I do that easily? Should I modify context.xml?
Regards,
Grzegorz
Hi,
Your question is more relevant to the server that you are using, not to the platform. Anyway, I can suggest that you can either setup httpOnly in your server (for instance, Tomcat 8) or for java web application, see the following links:
Regards,
Gleb
1 Like
Yes, you are right. I solved it using web.xml. Thanks for your support.