0ct0pu5/fess
1
0
Fork 0
Code Issues Pull requests Projects Releases Packages Wiki Activity Actions

fix #2156 add httpOnly

Browse source
This commit is contained in:
Shinsuke Sugaya 2019-06-29 20:29:27 +09:00
parent e00423a79f
commit d1bd33d46d
1 changed files with 7 additions and 0 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

7
src/main/java/org/codelibs/fess/helper/UserInfoHelper.java
View file

@ -50,6 +50,8 @@ public class UserInfoHelper {
protected Boolean cookieSecure;
protected boolean httpOnly = true;
public String getUserCode() {
final HttpServletRequest request = LaRequestUtil.getRequest();
@ -140,6 +142,7 @@ public class UserInfoHelper {
protected void updateCookie(final String userCode, final int age) {
final Cookie cookie = new Cookie(cookieName, userCode);
cookie.setMaxAge(age);
cookie.setHttpOnly(httpOnly);
if (StringUtil.isNotBlank(cookieDomain)) {
cookie.setDomain(cookieDomain);
}
@ -229,4 +232,8 @@ public class UserInfoHelper {
public void setCookieSecure(final Boolean cookieSecure) {
this.cookieSecure = cookieSecure;
}
public void setCookieHttpOnly(boolean httpOnly) {
this.httpOnly = httpOnly;
}
}