Reputation: 1302
How to rename Liferay's default cookies?
I have JSP project which uses Liferay framework. There are default Liferay cookies named COOKIE_SUPPORT and GUEST_LANGUAGE_ID in Liferay. I dont want hackers to view any of my technology information by any means. How can I rename these cookie?
Upvotes: 0
Views: 632
Answers (1)
Reputation: 48067
If you want to protect the framework you're using, you won't have to worry about the names of the cookies. Worry about server identification, elements of the DOM, structure and mechanics of URLs, secure&hardened setup of your server, common translations, default content, standard error messages, etc.
In other words: If you don't want to give away, which standard framework you're using (and this is not limited to Liferay) you'll have to roll your own. Good luck with getting this as powerful and as well tested as any standard framework.
Rather worry about keeping your systems updated all the time and protect from well known vulnerabilities in older systems. For hardening Liferay specifically, you might want to start with my blog series on securing Liferay (linking chapter 1 which refers to the other chapters)
Promoting a comment into this answer: One way to find out how to change them is to search for their names in the source code and identify the kind of plugin you need to provide different values - most likely this will be an ext-plugin. After all, Liferay's source is available. I don't see anything short of this.
Upvotes: 2
Related Questions
- Change default cookie names for Antiforgery in ASP.NET Core MVC
- Liferay change Full name logged in
- Liferay lfr_session_state cookie
- How can I rename default session cookie names in servicestack
- Getting Liferay CookieNotSupportedException
- Liferay: How to add cookie from portlet from doEdit(RenderRequest req,RenderResponse res)
- Add non-http only cookie in Liferay
- How do I use autologin cookie in liferay?
- Liferay: How to add cookie from portlet
- How to set a Cookie in Liferay portlet?