Hi All,
I am trying to figure out how can I make my existing cookies secure by adding secure attribute (PS. I am newbie to cookies).
Solved! Go to Solution.
Views
Replies
Total Likes
@Shaheena_Sheikh ,if you don't make your cookie secure, then the cookie can be transmitted over the HTTP connection. so if you use HTTPS also, it is good practice to make your cookie secure.
Check below code
Cookie emailCookie = new Cookie("email", email);
emailCookie.setPath("/");
emailCookie.setMaxAge(31536000);
emailCookie.setPath(";Path=/;HttpOnly;");;
emailCookie.setSecure(true);
response.addCookie(emailCookie);
The cookies which you create using javascript also should make secure.
Hi @Shaheena_Sheikh ,
Is your pages are rendered over https protocal?? If so OOTB will add secure flags on all cookies. You can additionally achieve this through api as well .
Check out the below thread for similar query
Views
Replies
Total Likes
You can set HttpOnly and Secure flags to cookie. Check the below Cookie API documentation. Use setSecure(boolean flag) and setHttpOnly(boolean isHttpOnly).
https://docs.oracle.com/javaee/6/api/javax/servlet/http/Cookie.html
@Shaheena_Sheikh ,if you don't make your cookie secure, then the cookie can be transmitted over the HTTP connection. so if you use HTTPS also, it is good practice to make your cookie secure.
Check below code
Cookie emailCookie = new Cookie("email", email);
emailCookie.setPath("/");
emailCookie.setMaxAge(31536000);
emailCookie.setPath(";Path=/;HttpOnly;");;
emailCookie.setSecure(true);
response.addCookie(emailCookie);
The cookies which you create using javascript also should make secure.
Views
Likes
Replies
Views
Like
Replies