
Hi, so far I have been trying to work with an HttpOnly cookie. This is the code I have written:

protected void doGet(HttpServletRequest req, HttpServletResponse resp)
        throws ServletException, IOException {
    resp.setContentType("text/html");
    PrintWriter out = resp.getWriter();

    Cookie cookie = new Cookie("mycookie", "hi");
    resp.addCookie(cookie);

    cookie.setHttpOnly(true);
    boolean bol = cookie.isHttpOnly();
    out.println("<br>Cookie is Marked as HttpOnly = " + bol);
    Cookie[] cookies = req.getCookies();
    if (cookies != null) {
        for (int i = 0; i < cookies.length; i++) {
            out.println("<br/> From Cookies Array Name is: "
                + cookies[i].getName());
            out.println("<br/> From Cookies Array Value is: "
                + cookies[i].getValue());
            out.println("<br/> From Cookies Array isHttpOnly: "
                + cookies[i].isHttpOnly());
        }
    }
    out.println("<br/> <br/>");

    cookie.setHttpOnly(false);
    boolean bol1 = cookie.isHttpOnly();
    out.println("<br>Cookie is Marked as HttpOnly = " + bol1);
    Cookie[] cookies1 = req.getCookies();
    if (cookies1 != null) {
        for (int i = 0; i < cookies1.length; i++) {
            out.println("<br/> From Cookies Array Name is: "
                + cookies1[i].getName());
            out.println("<br/> From Cookies Array Value is: "
                + cookies1[i].getValue());
            out.println("<br/> From Cookies Array isHttpOnly: "
                + cookies1[i].isHttpOnly());
        }
    }
    out.close();
}

It prints:

    Cookie is Marked as HttpOnly = true
From Cookies Array Name is: mycookie
From Cookies Array Value is: hi
From Cookies Array isHttpOnly: false


Cookie is Marked as HttpOnly = false
From Cookies Array Name is: mycookie
From Cookies Array Value is: hi
From Cookies Array isHttpOnly: false 

Note that I am using JBoss 7, and I have added the following to the web.xml configuration, but I think something is missing:

<session-config>
    <cookie-config>
        <http-only>true</http-only>
    </cookie-config>
</session-config>

1 Answer

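The browser does not send back any cookie information other than the value, such as httponly, secure, maxage, path, and so on. The browser only sends back the cookie value associated with the cookie name.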

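You can see this for yourself by tracking the HTTP traffic in the web browser's developer toolset. Press F12 in Chrome/Firebug/IE9 and open the "Net" or "Network" tab, then explore the request and response headers. You will see that only the Set-Cookie response header contains the additional cookie parameters next to name=value, and that the Cookie request header contains only name=value.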

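Don't worry, the browser remembers the additional cookie parameters. If you are unsure, you can always override it by creating a new cookie with the same name and path.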


Answered 2012-04-18T21:36:07.770
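
The difference between the two headers, as an added example that is not part of the original question or answer: it reads constructed `Cookie` and `Set-Cookie` header strings, using the JDK's `java.net.HttpCookie` for the response side, and shows that the HttpOnly flag can only be checked on the response. The class name, the method names and the `theme` cookie are assumptions made for this illustration.

```java
import java.net.HttpCookie;
import java.util.ArrayList;
import java.util.Arrays;
import java.util.LinkedHashMap;
import java.util.List;
import java.util.Map;

public class HttpOnlyHeaderDemo {
    // Request side: the Cookie header is only "name=value; name2=value2".
    // No attribute such as HttpOnly is present for the server to read back.
    static Map<String, String> parseCookieRequestHeader(String header) {
        Map<String, String> pairs = new LinkedHashMap<>();
        for (String part : header.split(";")) {
            int eq = part.indexOf('=');
            if (eq > 0) {
                pairs.put(part.substring(0, eq).trim(), part.substring(eq + 1).trim());
            }
        }
        return pairs;
    }

    // Response side: the attributes exist only in Set-Cookie, so this is
    // where the HttpOnly flag has to be verified.
    static List<String> cookiesMissingHttpOnly(List<String> setCookieHeaders) {
        List<String> missing = new ArrayList<>();
        for (String header : setCookieHeaders) {
            for (HttpCookie c : HttpCookie.parse(header)) {
                if (!c.isHttpOnly()) {
                    missing.add(c.getName());
                }
            }
        }
        return missing;
    }

    public static void main(String[] args) {
        // Constructed sample headers, not captured traffic.
        List<String> setCookie = Arrays.asList(
                "mycookie=hi; Path=/; HttpOnly",
                "theme=dark; Path=/");
        String cookieRequestHeader = "mycookie=hi; theme=dark";

        System.out.println("Sent back by the browser: "
                + parseCookieRequestHeader(cookieRequestHeader));
        System.out.println("Set without HttpOnly: "
                + cookiesMissingHttpOnly(setCookie));
    }
}
```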