Skip to content

Commit

Permalink
Configure HttpOnly for language cookie and fix the cookie path. Fixes #…
Browse files Browse the repository at this point in the history 
…6151
  • Loading branch information
@josegar74 @ianwallen
josegar74 authored and ianwallen committed Feb 22, 2022
1 parent d7495a1 commit 657c69d
Showing 1 changed file with 4 additions and 1 deletion.
5 changes: 4 additions & 1 deletion core/src/main/java/jeeves/server/sources/http/JeevesServlet.java
View file
Original file line number Diff line number Diff line change
Expand Up @@ -206,7 +206,10 @@ private void execute(HttpServletRequest req, HttpServletResponse res) throws IOE
langCookie.setMaxAge((int) TimeUnit.DAYS.toSeconds(7));
langCookie.setComment("Keeps the last language chosen to be the preferred language");
langCookie.setVersion(1);
langCookie.setPath("/");
langCookie.setPath(req.getContextPath());
langCookie.setHttpOnly(req.getServletContext().getSessionCookieConfig().isHttpOnly());
langCookie.setSecure(req.getServletContext().getSessionCookieConfig().isSecure());

res.addCookie(langCookie);

//--- execute request
Expand Down

0 comments on commit 657c69d

Please sign in to comment.