如何在JSF/Richfaces上设置HttpOnly标志 [英] How do I set the HttpOnly flag on JSF/Richfaces
本文介绍了如何在JSF/Richfaces上设置HttpOnly标志的处理方法,对大家解决问题具有一定的参考价值,需要的朋友们下面随着小编来一起学习吧!
问题描述
我想将HttpOnly
标志添加到JSF/richfaces
cookie,尤其是会话cookie,以提高Web应用程序的安全性.有任何想法吗?
I'd like to add the HttpOnly
flag to JSF/richfaces
cookies, especially the session cookie, to up the level of security on my web app. Any ideas?
推荐答案
FacesContext facesContext = FacesContext.getCurrentInstance().getFacesContext();
HttpServletResponse response = (HttpServletResponse) facesContext.getExternalContext().getResponse();
response.addHeader("Set-Cookie", "yourcookiename=yourcookievalue; HTTPOnly");
这篇关于如何在JSF/Richfaces上设置HttpOnly标志的文章就介绍到这了,希望我们推荐的答案对大家有所帮助,也希望大家多多支持IT屋!
查看全文