Re: httponly and cookie-secure

2014-05-21 Thread Pete Freitag
On Mon, May 19, 2014 at 9:45 AM, brad f wrote:
>
> Not sure what I am missing here. We are running Coldfusion 9.0.2 in a
> clustered environment. I added the -Dcoldfusion.sessioncookie.httponly=true
> to the jvm.config file. I restart the coldfusion instances. Run an
> application scan and it st

httponly and cookie-secure

2014-05-19 Thread brad f
Not sure what I am missing here. We are running Coldfusion 9.0.2 in a clustered environment. I added the -Dcoldfusion.sessioncookie.httponly=true to the jvm.config file. I restart the coldfusion instances. Run an application scan and it still says they are not httponly (also check using Chrome