How do i prevent the session id being passed between client and server via URL query string?

StackOverflow https://stackoverflow.com/questions/15516686

문제

How do i prevent the session id being passed between client and server via URL query string? I dont want the session identifier to be passed over the URL query string. How do i ensure this? Any help would be appreciated. Thanks Praveenkumar

도움이 되었습니까?

해결책

You can configure how your container tracks the session using your web.xml. Just add this to enforce cookies:

<session-config>
  <tracking-mode>COOKIE</tracking-mode>
</session-config>

But please not that if you force your container to use cookies, you will break session handling for users that don't have cookies enabled.

라이센스 : CC-BY-SA ~와 함께 속성
제휴하지 않습니다 StackOverflow
scroll top