setting Secure and HttpOnly flag in Cookie

Avatar

Avatar

satheeshraj

Avatar

satheeshraj

satheeshraj

02-11-2015

Hi,

I have the below requirement could someone provide inputs as what could be done

  • I need to set the secure flag for login-token cookie. Currently "TokenUtil.createCredential()" method is having the argument to set the cookie as HttpOnly.
  • I need the sessionPersistence cookie to be HttpOnly and secure.

Please suggest a way to achieve this in CQ5 version 5.6.1

Thanks,

Satheeshraj V

View Entire Topic

Avatar

Avatar

satheeshraj

Avatar

satheeshraj

satheeshraj

02-11-2015

In the above provided link there was no clue to set secure flag for 'login-token' cookie and sessionPersistence cookie.