subject:"RE\: httpOnly issue"

RE: httpOnly issue

2017-03-08 Thread Pritchett, Mark S. (CONT)

Users List <users@tomcat.apache.org> Subject: RE: httpOnly issue Hi Mark The problem remains if I remove all the webapps except ROOT. Regards Mark -Original Message- From: Mark Thomas [mailto:ma...@apache.org] Sent: 08 March 2017 13:23 To: Tomcat Users List <users@tomcat.a

RE: httpOnly issue

2017-03-08 Thread Pritchett, Mark S. (CONT)

Hi Mark The problem remains if I remove all the webapps except ROOT. Regards Mark -Original Message- From: Mark Thomas [mailto:ma...@apache.org] Sent: 08 March 2017 13:23 To: Tomcat Users List <users@tomcat.apache.org> Subject: Re: httpOnly issue On 08/03/17 12:53, Pritchett,

Re: httpOnly issue

2017-03-08 Thread Mark Thomas

On 08/03/17 12:53, Pritchett, Mark S. (CONT) wrote: > Hi All > > My first posting. > > Server version: Apache Tomcat/7.0.67 > JVM Version:1.7.0_131-mockbuild_2017_02_07_02_15-b00 > > A vulnerability scan has shown that tomcat doesn't apply httpOnly to come > cookies. > I need to determine