[TAP5-2327] The Cookies interface should provide an option to mark cookies as httpOnly - ASF JIRA

XML

Word

Printable

JSON

Details

Type: New Feature
Status: Closed
Priority: Major
Resolution: Fixed
Affects Version/s: 5.3.7, 5.4
Fix Version/s: 5.5.0
Component/s: tapestry-core
Labels:
- desired_for_5.5
- patch

Description

Since Servlet 3.0 there is an option to mark cookies as httpOnly via javax.servlet.http.Cookie.setHttpOnly(boolean). There should be an option to use that in org.apache.tapestry5.services.Cookies. In 5.3.7 the default implementation does not set the httpOnly flag.

Attachments

Options
- Sort By Name
- Sort By Date
- Ascending
- Descending

Attachments

0001-TAP-2327-add-httpOnly-method-to-support-Servlet-3.0.patch
26/Feb/16 16:37
1 kB
Barry Books
0001-TAP-2327-add-support-for-httpOnly-cookies-and-settin.patch
18/May/16 08:03
5 kB
Jochen Kemnade
0002-TAP-2327-add-support-for-version-and-comment.patch
26/Feb/16 16:51
2 kB
Barry Books

Issue Links

is blocked by

TAP5-2548 Upgrade embedded Jetty and Tomcat versions

Closed

Activity

People

Assignee:

Jochen Kemnade

Reporter:

Martin Schneider

Votes:

0 Vote for this issue

Watchers:

7 Start watching this issue

Dates

Created:

29/Apr/14 09:26

Updated:

14/Jul/16 06:09

Resolved:

14/Jul/16 05:46