BBjJettyContextConfiguration::setSessionCookieHttpOnly

Description

In BBj 18.04 and higher, this method sets the session-cookie-httpOnly attribute for the current BBjJettyContext.

Syntax

Return Value	Method
void	setSessionCookieHttpOnly(boolean httpOnly)

Parameters

Variable	Description
httpOnly	The value of the session-cookie-httpOnly flag.

Return Value

None.

Remarks

The session-cookie-httpOnly attribute helps mitigate the risk of client side script accessing the protected cookie (if the browser supports it) and if a cross-site scripting (XSS) flaw exists, prevents a user accidentally accesses a link that exploits this flaw.

Example

None.

See Also

BBjAPI

BBjJettyContextConfiguration

BBjJettyContextConfiguration::isSessionCookieHttpOnly()