Yes, I saw that.  But he does not say how he made the new jsession id
string.  I am sure it is not some random string he pro
grammatically generated.  So, there must be a way to get at the jsessionid
even if you don't have jsessionidenabled in the administrator.

On Tue, Mar 6, 2012 at 2:44 PM, Cameron Childress <camer...@gmail.com>wrote:

>
> Try this:
>
>
> http://www.12robots.com/index.cfm/2009/5/6/Making-the-JSESSIONID-Session-Token-Cookie-SECURE-and-HTTPOnly-and-settings-its-PATH
>
> -Cameron
>
> On Tue, Mar 6, 2012 at 2:39 PM, Robert Rhodes <rrhode...@gmail.com> wrote:
> >
> > That works for cfid and cftoken, thanks.  But it won't work for
> jsessionid,
> > because once that is selected in the administrator, it shows up as an
> > unsecure cookie, even if you have setclientcookies turned off.  That's a
> > bummer, I wanted to use jsessionids.
>
>
>
> --
> Cameron Childress
> --
> p:   678.637.5072
> im: cameroncf
> facebook <http://www.facebook.com/cameroncf> |
> twitter<http://twitter.com/cameronc> |
> google+ <https://profiles.google.com/u/0/117829379451708140985>
>
>
> 

~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~|
Order the Adobe Coldfusion Anthology now!
http://www.amazon.com/Adobe-Coldfusion-Anthology/dp/1430272155/?tag=houseoffusion
Archive: 
http://www.houseoffusion.com/groups/cf-talk/message.cfm/messageid:350289
Subscription: http://www.houseoffusion.com/groups/cf-talk/subscribe.cfm
Unsubscribe: http://www.houseoffusion.com/groups/cf-talk/unsubscribe.cfm

Reply via email to