Answer by Mithun for Set http-only on cookies created in Spring MVC Controller
You need to set the HttpOnly as below:Cookie cookie = new Cookie("timestamp", new Long(new Date().getTime()).toString() +";HttpOnly");It needs to follow cookieName=cookieValue;HttpOnly;Secure format
View ArticleAnswer by sathya_dev for Set http-only on cookies created in Spring MVC...
Replace: Cookie cookie = new Cookie("timestamp", new Long(new Date().getTime()).toString());with the followingCookie cookie = new Cookie("timestamp", new Long(new...
View ArticleAnswer by wolfram77 for Set http-only on cookies created in Spring MVC...
It can be set as cookie.setHttpOnly(true) just like you did for secure.
View ArticleSet http-only on cookies created in Spring MVC Controller
I need to restrict access to a cookie containing a session token so that javascript can't access it.Advice that was given was to set Secure and HttpOnly flags on the cookie.I was having trouble with...
View Article
More Pages to Explore .....