Skip to content

Commit

Permalink
[BP] Configure HttpOnly for language cookie and fix the cookie path. F…
Browse files Browse the repository at this point in the history 
…ixes #6151
  • Loading branch information
@josegar74 @ianwallen
josegar74 authored and ianwallen committed Feb 22, 2022
1 parent 31ba204 commit d750d1e
Showing 1 changed file with 4 additions and 1 deletion.
5 changes: 4 additions & 1 deletion core/src/main/java/jeeves/server/sources/http/JeevesServlet.java
View file
Original file line number Diff line number Diff line change
Expand Up @@ -206,7 +206,10 @@ private void execute(HttpServletRequest req, HttpServletResponse res) throws IOE
langCookie.setMaxAge((int) TimeUnit.DAYS.toSeconds(7));
langCookie.setComment("Keeps the last language chosen to be the preferred language");
langCookie.setVersion(1);
langCookie.setPath("/");
langCookie.setPath(req.getContextPath());
langCookie.setHttpOnly(req.getServletContext().getSessionCookieConfig().isHttpOnly());
langCookie.setSecure(req.getServletContext().getSessionCookieConfig().isSecure());

res.addCookie(langCookie);

//--- execute request
Expand Down

0 comments on commit d750d1e

Please sign in to comment.