users@jsr311.java.net

Re: HTTPOnly cookies

From: Marc Hadley <Marc.Hadley_at_Sun.COM>
Date: Wed, 23 Jul 2008 17:24:19 -0400

Are there other extended attributes or is this a special case?

Marc.

On Jul 23, 2008, at 1:13 PM, Rajiv Mordani wrote:

> We have added support for HTTP-only cookies in servlet 3.0. It is
> in the EDR out there but there is no implementation available as yet.
>
> - Rajiv
>
> Bertold Kolics wrote:
>> Hi,
>>
>> Would it be possible to add support for HTTP-only cookies in the
>> Cookie/NewCookie classes (see http://www.owasp.org/index.php/HTTPOnly)?
>> I understand that this extension is non-standard and does not give
>> full protection against XSS - but it should be trivial to implement.
>>
>> Bertold
>>
>>
>> ---------------------------------------------------------------------
>> To unsubscribe, e-mail: users-unsubscribe_at_jsr311.dev.java.net
>> For additional commands, e-mail: users-help_at_jsr311.dev.java.net
>

---
Marc Hadley <marc.hadley at sun.com>
CTO Office, Sun Microsystems.
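
The request in this thread, sketched as an added example that is not part of the original messages or of the JAX-RS or servlet APIs: building a Set-Cookie header value with the HttpOnly attribute appended by hand for a cookie class that has no such flag, and checking a header value for it. The class and method names are hypothetical and the sample values are constructed.

```java
import java.util.regex.Pattern;

// Added example; names are hypothetical, not JAX-RS or servlet API.
public class HttpOnlyCookieExample {

    // Characters that would end the field early or inject extra attributes/headers.
    private static final Pattern UNSAFE = Pattern.compile("[;,\\s\\p{Cntrl}]");

    // Build a Set-Cookie header value, appending HttpOnly as a bare attribute.
    static String setCookieValue(String name, String value, String path,
                                 boolean secure, boolean httpOnly) {
        for (String s : new String[] {name, value, path}) {
            if (UNSAFE.matcher(s).find()) {
                throw new IllegalArgumentException("illegal character in cookie field");
            }
        }
        if (name.isEmpty() || name.indexOf('=') >= 0) {
            throw new IllegalArgumentException("invalid cookie name");
        }
        StringBuilder sb = new StringBuilder(name).append('=').append(value);
        sb.append("; Path=").append(path);
        if (secure) sb.append("; Secure");
        if (httpOnly) sb.append("; HttpOnly");
        return sb.toString();
    }

    // True if the header value carries the HttpOnly attribute.
    // Attribute names are matched case-insensitively; parts[0] is name=value
    // and is skipped, so a cookie whose value is "httponly" does not count.
    static boolean hasHttpOnly(String setCookie) {
        String[] parts = setCookie.split(";");
        for (int i = 1; i < parts.length; i++) {
            if (parts[i].trim().equalsIgnoreCase("HttpOnly")) return true;
        }
        return false;
    }

    public static void main(String[] args) {
        // Constructed sample values.
        String with = setCookieValue("JSESSIONID", "abc123", "/", true, true);
        String without = setCookieValue("JSESSIONID", "abc123", "/", true, false);
        System.out.println(with + " -> HttpOnly? " + hasHttpOnly(with));
        System.out.println(without + " -> HttpOnly? " + hasHttpOnly(without));
        System.out.println("value only -> HttpOnly? " + hasHttpOnly("note=httponly; Path=/"));
    }
}
```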