Re: [jetty-users] SameSite to STRICT

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index] [List Home]

Re: [jetty-users] SameSite to STRICT

From: Joakim Erdfelt <joakim@xxxxxxxxxxx>
Date: Wed, 14 Jul 2021 11:18:51 -0500
Delivered-to: jetty-users@xxxxxxxxxxx
List-archive: <https://www.eclipse.org/mailman/private/jetty-users/>
List-help: <mailto:jetty-users-request@eclipse.org?subject=help>
List-subscribe: <https://www.eclipse.org/mailman/listinfo/jetty-users>, <mailto:jetty-users-request@eclipse.org?subject=subscribe>
List-unsubscribe: <https://www.eclipse.org/mailman/options/jetty-users>, <mailto:jetty-users-request@eclipse.org?subject=unsubscribe>

What does the actual HTTP Response that created that JSESSIONID look like?

On Wed, Jul 14, 2021 at 11:07 AM Sai Sankar Challa via jetty-users <jetty-users@xxxxxxxxxxx> wrote:

Hi Team

We upgraded our Jetty version to 9.4.38.v20210224 and we want to Set 'SameSite' attribute to 'Strict' in JSESSIONID for our portal security .

We made the code changes as per below in our web.xml and still not seeing any difference.

<session-config>

    <cookie-config>

     <http-only>false</http-only>

     <secure>false</secure>

     <comment>__SAME_SITE_STRICT__</comment>

    </cookie-config>

</session-config>

Browser Cookie

Can you please through some idea to get this done .

Thanks

Sai

_______________________________________________
jetty-users mailing list
jetty-users@xxxxxxxxxxx
To unsubscribe from this list, visit https://www.eclipse.org/mailman/listinfo/jetty-users

Follow-Ups:
- Re: [jetty-users] SameSite to STRICT
  - From: Sai Sankar Challa

References:
- [jetty-users] SameSite to STRICT
  - From: Sai Sankar Challa

Prev by Date: [jetty-users] SameSite to STRICT
Next by Date: Re: [jetty-users] SameSite to STRICT
Previous by thread: [jetty-users] SameSite to STRICT
Next by thread: Re: [jetty-users] SameSite to STRICT
Index(es):
- Date
- Thread

Breadcrumbs