How do i prevent the session id being passed between client and server via URL query string?

StackOverflow https://stackoverflow.com/questions/15516686

How do i prevent the session id being passed between client and server via URL query string? I dont want the session identifier to be passed over the URL query string. How do i ensure this? Any help would be appreciated. Thanks Praveenkumar

有帮助吗?

解决方案

You can configure how your container tracks the session using your web.xml. Just add this to enforce cookies:

<session-config>
  <tracking-mode>COOKIE</tracking-mode>
</session-config>

But please not that if you force your container to use cookies, you will break session handling for users that don't have cookies enabled.

许可以下: CC-BY-SA归因
不隶属于 StackOverflow
scroll top