It's all about the answers!

Ask a question
QuestionsTagsUsersBadges
Guidelines | FAQ
Follow this question
Question details

×42,882
×12,008
×7,478
×4,321
×1,697

question asked: Sep 15 '15, 5:18 a.m.
question was seen: 7,820 times
last updated: Sep 17 '15, 2:52 a.m.

Related questions

How to add the 'Secure' attribute to all sensitive cookies in apache tomcat to fix Missing Secure Attribute in Encrypted Session (SSL) Cookie

0
Sajjad Ali Khan (314152) | asked Sep 15 '15, 5:18 a.m.
Hi All,

Can anyone please help me to add the 'Secure' attribute to all sensitive cookies in apache tomcat to fix "Missing Secure Attribute in Encrypted Session (SSL) Cookie" vulnerability of tomcat 7.0.64

Regards,
Sajjad.

One answer

Most liked answers ↑|Newest answers|Oldest answers

0
permanent link
Kevin Ramer (4.5k9186201) | answered Sep 15 '15, 2:26 p.m.
There are tons of discussions on this in the wild-wild web.   Most speak to configuration changes on the server.  

http://support.filecatalyst.com/index.php?/Knowledgebase/Article/View/209/0/securing-session-cookies-in-tomcat-with--httponly-and-securetrue

Is one such discussion.
Comments
Sajjad Ali Khan commented Sep 17 '15, 2:52 a.m.

Kevin Ramer
thanks dear for the reply but i have tried to do what is mentioned in your provided link,

still the same vulnerability in my scan report

Your answer

Register or to post your answer.


Dashboards and work items are no longer publicly available, so some links may be invalid. We now provide similar information through other means. Learn more here.