From c4c957e861caeec6e17049f149fb80818ee5f773 Mon Sep 17 00:00:00 2001
From: felmer <franz-josef.elmer@id.ethz.ch>
Date: Tue, 27 Mar 2018 14:11:41 +0200
Subject: [PATCH] SSDM-6285: setting for all cookies httpOnly=true and
 secure=true

---
 openbis_standard_technologies/resource/server/jetty-web.xml | 6 ++++++
 1 file changed, 6 insertions(+)

diff --git a/openbis_standard_technologies/resource/server/jetty-web.xml b/openbis_standard_technologies/resource/server/jetty-web.xml
index 0ddbc770e44..e88a2c19344 100644
--- a/openbis_standard_technologies/resource/server/jetty-web.xml
+++ b/openbis_standard_technologies/resource/server/jetty-web.xml
@@ -5,4 +5,10 @@
 	<Call name="addAliasCheck">
 	  <Arg><New class="org.eclipse.jetty.server.handler.AllowSymLinkAliasChecker"/></Arg>
 	</Call>
+    <Get name="sessionHandler">
+      <Get name="sessionCookieConfig">
+        <Set name="secure" type="boolean">true</Set>
+        <Set name="httpOnly" type="boolean">true</Set>
+      </Get>
+    </Get>
 </Configure>
\ No newline at end of file
-- 
GitLab