How do i prevent the session id being passed between client and server via URL query string?

https://stackoverflow.com/questions/15516686

jsf
web.xml
query-string
session-cookies
jsessionid

24-03-2022
|

質問

How do i prevent the session id being passed between client and server via URL query string? I dont want the session identifier to be passed over the URL query string. How do i ensure this? Any help would be appreciated. Thanks Praveenkumar

解決

You can configure how your container tracks the session using your web.xml. Just add this to enforce cookies:

<session-config>
  <tracking-mode>COOKIE</tracking-mode>
</session-config>

But please not that if you force your container to use cookies, you will break session handling for users that don't have cookies enabled.

ライセンス： CC-BY-SA と帰属

所属していません StackOverflow