Wish B4J server set jsessionid cookie HttpOnly

Erel

B4X founder
Staff member
Licensed User
Longtime User
You can set HttpOnly with this code:
B4X: 
Dim jo As JavaObject = srvr
   Dim sessionmanager As JavaObject = _
     jo.GetFieldJO("context").RunMethodJO("getSessionHandler", Null).RunMethod("getSessionManager", Null)
   sessionmanager.RunMethod("setHttpOnly", Array(True))
Run it after you call Server.Start.

I tested this code with FireBug:
 
You must log in or register to reply here.
Menu
Log in
Register
Cookies are required to use this site. You must accept them to continue using the site. Learn more…