How do i prevent the session id being passed between client and server via URL query string?

StackOverflow https://stackoverflow.com/questions/15516686

Frage

How do i prevent the session id being passed between client and server via URL query string? I dont want the session identifier to be passed over the URL query string. How do i ensure this? Any help would be appreciated. Thanks Praveenkumar

War es hilfreich?

Lösung

You can configure how your container tracks the session using your web.xml. Just add this to enforce cookies:

<session-config>
  <tracking-mode>COOKIE</tracking-mode>
</session-config>

But please not that if you force your container to use cookies, you will break session handling for users that don't have cookies enabled.

Lizenziert unter: CC-BY-SA mit Zuschreibung
Nicht verbunden mit StackOverflow
scroll top