Reputation: 3685
Set Cookie httpOnly to false In Grails.
I'm currently creating an application, in which I use code like this:
session.user = user.username
Hence I get JSESSIONID cookie created. But I want my client side program to read this cookie; But since its been set HttpOnly to true I can't get value from client side.
How one should change the cookie Httponly to set false in grails? So that client side code can read them?
Thanks.
Upvotes: 0
Views: 1762
Answers (1)
Reputation: 24776
The httpOnly setting isn't a Grails option but rather an option of the container running your application (Tomcat in your example). Thus these changes are going to be related to Tomcat more than Grails.
Normally Grails creates the web.xml for Tomcat at compile/runtime and while you could use the eventConfigureTomcat within BuildConfig.groovy to configure Tomcat, this would only work for development and testing environments and not production.
Thus, it's best to use install-templates and modify your src/templates/war/web.xml to have the correct value for the httpOnly attribute. e.g. <Context httpOnly="false" ... You can find out more information about configuring Tomcat from their official documentation.
Upvotes: 2
Related Questions
- How to set httpOnly flag true for cookie in Java?
- How do I set a cookie HttpOnly flag to false in Rails (not HttpOnly cookie)
- How do I set the session cookie's HttpOnly setting to false?
- How to convert from "javax.servlet.http.Cookie" to "org.apache.http.cookie.Cookie" in grails
- How to access cookie in grails2.2.5 service
- Grails Spring Security REST -- Getting session cookie
- force the browser to use HTTPS while login in Grails
- How do I create and retrieve Cookies in Grails 2.0?
- How to set and retrieve cookies in Grails?
- Session cookie with httpOnly flag