*/
public void setCookies(boolean cookies);
+ /**
+ * Gets the value of the use HttpOnly cookies for session cookies flag.
+ *
+ * @return <code>true</code> if the HttpOnly flag should be set on session
+ * cookies
+ */
+ public boolean getUseHttpOnly();
+
/**
+ * Sets the use HttpOnly cookies for session cookies flag.
+ *
+ * @param useHttpOnly Set to <code>true</code> to use HttpOnly cookies
+ * for session cookies
+ */
+ public void setUseHttpOnly(boolean useHttpOnly);
+
+ /**
* Return the "allow crossing servlet contexts" flag.
*/
public boolean getCrossContext();
public void setSessionAverageAliveTime(int sessionAverageAliveTime);
- /**
- * Gets the value of the use HttpOnly cookies for session cookies flag.
- *
- * @return <code>true</code> if the HttpOnly flag should be set on session
- * cookies
- */
- public boolean getUseHttpOnly();
-
-
- /**
- * Sets the use HttpOnly cookies for session cookies flag.
- *
- * @param useHttpOnly Set to <code>true</code> to use HttpOnly cookies
- * for session cookies
- */
- public void setUseHttpOnly(boolean useHttpOnly);
-
-
// --------------------------------------------------------- Public Methods
}
if ((scc != null && scc.isHttpOnly()) ||
- context.getManager().getUseHttpOnly()) {
+ context.getUseHttpOnly()) {
cookie.setHttpOnly(true);
}
*/
private boolean saveConfig = true;
+ /**
+ * The flag that indicates that session cookies should use HttpOnly
+ */
+ private boolean useHttpOnly = true;
+
+
+
// ----------------------------------------------------- Context Properties
new Boolean(this.cookies));
}
+
+ /**
+ * Gets the value of the use HttpOnly cookies for session cookies flag.
+ *
+ * @return <code>true</code> if the HttpOnly flag should be set on session
+ * cookies
+ */
+ public boolean getUseHttpOnly() {
+ return useHttpOnly;
+ }
+
+
+ /**
+ * Sets the use HttpOnly cookies for session cookies flag.
+ *
+ * @param useHttpOnly Set to <code>true</code> to use HttpOnly cookies
+ * for session cookies
+ */
+ public void setUseHttpOnly(boolean useHttpOnly) {
+ boolean oldUseHttpOnly = this.useHttpOnly;
+ this.useHttpOnly = useHttpOnly;
+ support.firePropertyChange("useHttpOnly",
+ new Boolean(oldUseHttpOnly),
+ new Boolean(this.useHttpOnly));
+ }
+
+
/**
*/
protected PropertyChangeSupport support = new PropertyChangeSupport(this);
- /**
- * The flag that indicates that session cookies should use HttpOnly
- */
- protected boolean useHttpOnly = true;
// ------------------------------------------------------------- Security classes
new Integer(this.processExpiresFrequency));
}
-
- /**
- * Gets the value of the use HttpOnly cookies for session cookies flag.
- *
- * @return <code>true</code> if the HttpOnly flag should be set on session
- * cookies
- */
- public boolean getUseHttpOnly() {
- return useHttpOnly;
- }
-
-
- /**
- * Sets the use HttpOnly cookies for session cookies flag.
- *
- * @param useHttpOnly Set to <code>true</code> to use HttpOnly cookies
- * for session cookies
- */
- public void setUseHttpOnly(boolean useHttpOnly) {
- this.useHttpOnly = useHttpOnly;
- }
-
// --------------------------------------------------------- Public Methods
implementation class that will be used for servlets managed by this
Context. If not specified, a standard default value will be used.</p>
</attribute>
+
+ <attribute name="useHttpOnly" required="false">
+ <p>Should the HttpOnly flag be set on session cookies to prevent client
+ side script from accessing the session ID? Defaults to
+ <code>true</code>.</p>
+ </attribute>
+
</attributes>
The default is 16.</p>
</attribute>
- <attribute name="useHttpOnly" required="false">
- <p>Should the HttpOnly flag be set on session cookies to prevent client
- side script from accessing the session ID? Defaults to
- <code>true</code>.</p>
- </attribute>
-
</attributes>
<h3>Persistent Manager Implementation</h3>
projects / tomcat7.0 / commitdiff