[security-dev] RESTEasy and HTTPOnly Cookies

Anil Saldhana Anil.Saldhana at redhat.com
Fri Feb 1 09:34:51 EST 2013


NewCookie nc = new NewCookie(...);
Response r = Response.ok().header("Set-Cookie", nc.toString() 
+";HttpOnly").build();

How do we get something like this done with ServerResponse RESTEasy class?

On 01/31/2013 06:19 PM, Bill Burke wrote:
> Thanks.  I submitted a bug at JAX-RS 2.0 spec for this.
>
> On 1/31/2013 12:22 PM, Anil Saldhana wrote:
>> Hi Bill,
>>      I was wondering how RESTEasy deals with HTTP Only Cookies.
>>
>> I do see https://issues.jboss.org/browse/RESTEASY-479
>>
>> Regards,
>> Anil


More information about the security-dev mailing list