Solved

How can I tell from a java web application that the "secure" and 'httponly" flags for cookies were enabled at the level of the web server (Tomcat/Websphere/Weblogic)?

Posted on 2015-02-15
1
200 Views
Last Modified: 2015-03-03
We provide a web application as a product. It is important that the "secure" and "httpOnly" flags be enabled for cookies but we have no control over this - rather it is the customer's IT.

We do not handle the cookies in our web app - the web server does and it can be any (Tomcat/Weblogic/Websphere)

Is there a way in Java that our web application can check if the web server was configured for "secure" and "httpOnly"?
That way we can inform the admin that the web server is not securely configured.
0
Comment
Question by:Aaron Mirsky
[X]
Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people just like you are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions
1 Comment
 
LVL 83

Accepted Solution

by:
Dave Baldwin earned 500 total points
ID: 40611755
Basically no.  The only thing that is returned from the browser is the name and the value of the cookie.  If you have gone to one of the pages in Firefox, you can look at the cookies in Tools -> Options -> Privacy and see if the cookie requires an encrypted connection.  I can't find anywhere that you can check to see if 'httponly' is set.
0

Featured Post

Salesforce Made Easy to Use

On-screen guidance at the moment of need enables you & your employees to focus on the core, you can now boost your adoption rates swiftly and simply with one easy tool.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

This article was originally published on Monitis Blog, you can check it here . Today it’s fairly well known that high-performing websites and applications bring in more visitors, higher SEO, and ultimately more sales. By the same token, downtime…
Q&A with Course Creator, Mark Lassoff, on the importance of HTML5 in the career of a modern-day developer.
The viewer will learn how to look for a specific file type in a local or remote server directory using PHP.
The viewer will learn how to create and use a small PHP class to apply a watermark to an image. This video shows the viewer the setup for the PHP watermark as well as important coding language. Continue to Part 2 to learn the core code used in creat…

617 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question