[security-dev] RESTEasy and HTTPOnly Cookies

Bill Burke bburke at redhat.com
Fri Feb 1 09:37:01 EST 2013


response.getMetadata() is the headers.

On 2/1/2013 9:34 AM, Anil Saldhana wrote:
> NewCookie nc = new NewCookie(...);
> Response r = Response.ok().header("Set-Cookie", nc.toString()
> +";HttpOnly").build();
>
> How do we get something like this done with ServerResponse RESTEasy class?
>
> On 01/31/2013 06:19 PM, Bill Burke wrote:
>> Thanks.  I submitted a bug at JAX-RS 2.0 spec for this.
>>
>> On 1/31/2013 12:22 PM, Anil Saldhana wrote:
>>> Hi Bill,
>>>       I was wondering how RESTEasy deals with HTTP Only Cookies.
>>>
>>> I do see https://issues.jboss.org/browse/RESTEASY-479
>>>
>>> Regards,
>>> Anil
> _______________________________________________
> security-dev mailing list
> security-dev at lists.jboss.org
> https://lists.jboss.org/mailman/listinfo/security-dev
>

-- 
Bill Burke
JBoss, a division of Red Hat
http://bill.burkecentral.com


More information about the security-dev mailing list