Reputation: 18128
HTTP Apache - how to set param in a Header for a secure cookie?
Does anyone know if its possible to set a "Secure Cookie" inside a Header?
i need to create a cookie in a header like this Set-Cookie:JSESSIONID:893ihewwydkq2764@&@09;Path=/;secure
With the "secure" param at the end. I have looked at the Http apache Header class and all it takes is a name and value pair. what about aditional params such as "secure" ?
The purpose of doing this is so that the cookies can only be used on a encrypted connection ie on https:// only
I am devoloping in Java by the way. thanks
Upvotes: 2
Views: 888
Answers (2)
Reputation: 31300
In general, http headers are just that: key-value. For the Cookie header, the "value" is actually a list of key-value pairs itself (plus a bunch of other things usually)
However, if you are developing in Java, there is probably a better way to deal with cookies than by manipulating the headers directly. If you are using a framework, the framework probably makes it easier, but if you are working with raw servelets, the servelet spec also gives you better ways of dealing with setting cookies.
With the HttpClient package, you can definitely send secure cookies back to the server. The SetCookie interface can set the cookie to be secure. That said, it's a little bit confusing that you are using HttpClient to set secure cookies (the server, not the client, usually does that) but you can still do it.
Upvotes: 2
Related Questions
- Sending cookie with HTTP request in Java
- Convert a Java cookie object to a String to set in httpResponse "Set-Cookie" header
- How to remove session cookie's secure flag using mod_header?
- Java - How to get and add cookies to request header correctly?
- Getting "Set-Cookie" header
- Using apache httpclient how to set cookie for http request
- Java Why aren't "Set-Cookie" headers being read?
- How to parse the 'Cookie' header into `javax.servlet.http.Cookie` with Spring?
- Set a cookie through Apache HTTP Client Fluent interface
- What is an HTTP header element?