[security-dev 01332]: hg: jdk7/tl/jdk: 6873543: CookieManager doesn't enforce httpOnly

jean-christophe.collet at sun.com jean-christophe.collet at sun.com
Wed Oct 21 11:49:32 UTC 2009


Changeset: 5ab37d9d9260
Author:    jccollet
Date:      2009-10-21 13:42 +0200
URL:       http://hg.openjdk.java.net/jdk7/tl/jdk/rev/5ab37d9d9260

6873543: CookieManager doesn't enforce httpOnly
Summary: Adds check for httpOnly tag and clarifies javadoc
Reviewed-by: chegar

! src/share/classes/java/net/CookieHandler.java
! src/share/classes/java/net/CookieManager.java
! test/java/net/CookieHandler/B6644726.java




More information about the security-dev mailing list