You are viewing a plain text version of this content. The canonical link for it is here.
Posted to commits@activemq.apache.org by jb...@apache.org on 2019/10/18 17:03:33 UTC
[activemq] branch master updated: AMQ-7322 - Add HTTPOnly flag to
the webconsole + REST API Cookies
This is an automated email from the ASF dual-hosted git repository.
jbonofre pushed a commit to branch master
in repository https://gitbox.apache.org/repos/asf/activemq.git
The following commit(s) were added to refs/heads/master by this push:
new 63b1238 AMQ-7322 - Add HTTPOnly flag to the webconsole + REST API Cookies
new 830a4c0 Merge pull request #400 from coheigea/AMQ-7322
63b1238 is described below
commit 63b1238c4d1a0e10bd99ec9f3e6d2ee51b10c03d
Author: Colm O hEigeartaigh <co...@apache.org>
AuthorDate: Fri Oct 18 17:18:33 2019 +0100
AMQ-7322 - Add HTTPOnly flag to the webconsole + REST API Cookies
---
activemq-web-console/src/main/webapp/WEB-INF/web.xml | 5 ++++-
assembly/src/release/webapps/api/WEB-INF/web.xml | 8 +++++++-
2 files changed, 11 insertions(+), 2 deletions(-)
diff --git a/activemq-web-console/src/main/webapp/WEB-INF/web.xml b/activemq-web-console/src/main/webapp/WEB-INF/web.xml
index 2f50e5b..9672c84 100644
--- a/activemq-web-console/src/main/webapp/WEB-INF/web.xml
+++ b/activemq-web-console/src/main/webapp/WEB-INF/web.xml
@@ -155,7 +155,10 @@
</error-page>
<session-config>
- <session-timeout>30</session-timeout>
+ <session-timeout>30</session-timeout>
+ <cookie-config>
+ <http-only>true</http-only>
+ </cookie-config>
</session-config>
<context-param>
diff --git a/assembly/src/release/webapps/api/WEB-INF/web.xml b/assembly/src/release/webapps/api/WEB-INF/web.xml
index 2b0caf6..e316422 100644
--- a/assembly/src/release/webapps/api/WEB-INF/web.xml
+++ b/assembly/src/release/webapps/api/WEB-INF/web.xml
@@ -71,4 +71,10 @@
<url-pattern>/jolokia/*</url-pattern>
</servlet-mapping>
-</web-app>
\ No newline at end of file
+ <session-config>
+ <cookie-config>
+ <http-only>true</http-only>
+ </cookie-config>
+ </session-config>
+
+</web-app>