It's all about the answers!

Ask a question
QuestionsTagsUsersBadges
Follow this question
Question details

×42,678
×11,843
×7,313
×4,272
×1,670

question asked: Sep 15 '15, 5:18 a.m.
question was seen: 6,913 times
last updated: Sep 17 '15, 2:52 a.m.

Related questions

FAQ - How this Forum works

How to add the 'Secure' attribute to all sensitive cookies in apache tomcat to fix Missing Secure Attribute in Encrypted Session (SSL) Cookie

0
Sajjad Ali Khan (313952) | asked Sep 15 '15, 5:18 a.m.
Hi All,

Can anyone please help me to add the 'Secure' attribute to all sensitive cookies in apache tomcat to fix "Missing Secure Attribute in Encrypted Session (SSL) Cookie" vulnerability of tomcat 7.0.64

Regards,
Sajjad.

One answer

Most liked answers ↓|Newest answers|Oldest answers

0
permanent link
Kevin Ramer (4.5k8178197) | answered Sep 15 '15, 2:26 p.m.
There are tons of discussions on this in the wild-wild web.   Most speak to configuration changes on the server.  

http://support.filecatalyst.com/index.php?/Knowledgebase/Article/View/209/0/securing-session-cookies-in-tomcat-with--httponly-and-securetrue

Is one such discussion.
Comments
Sajjad Ali Khan commented Sep 17 '15, 2:52 a.m.

Kevin Ramer
thanks dear for the reply but i have tried to do what is mentioned in your provided link,

still the same vulnerability in my scan report

Your answer

Register or to post your answer.