BBjCookie::setHttpOnly

Description

In BBj 18.04 and higher, this method indicates that the cookie should only be sent over HTTP. It can be used to prevent client-side scripts from accessing the cookie.

The default value is false.

Syntax

Return Value	Method
void	setHttpOnly(boolean `value`)

Parameters

Parameter	Description
value	If true, the cookie can only be sent over HTTP(S) protocol

Return Value

None.

Remarks

HttpOnly is an additional flag included in a Set-Cookie HTTP response header. Using the HttpOnly flag when generating a cookie helps mitigate the risk of client side script accessing the protected cookie (if the browser supports it).

Example

rem 'Obtain the instance of the BBjAPI object

let myAPI! = BBjAPI()
MyServlet! = new MyServlet()

data!.setCallback(data!.ON_WEB_CONNECTION, myServlet!, "myMethod")

process_events
class public MyServlet
    method public void myMethod(BBjServletEvent p_event!)
        let chan = UNT
        request! = p_event!.getHttpRequest()
        response! = p_event!.getHttpResponse()
        response!.setContentType("text/html")
        cookie! = response!.addCookie("MyCookie")
        cookie!.setValue("My cookie data")
        cookie!.setPath("/servlet/MyServlet")
        cookie!.setDomain("www.wibble.com")
        cookie!.setMaxAge(3600)
        cookie!.setSecure(0)
        cookie!.setVersion(1)
        cookie!.setComment("comment)
        open (chan)"JSERVLET"
        print (chan)"<html><body><h1>Hello BBj!</h1>"
        print (chan)"</body></html>"
        close (chan)
    methodend
classend