I would like to add HTTPOnly support to the tomcat session handler
I added a bugzilla item http://issues.apache.org/bugzilla/show_bug.cgi?id=44382 Thoughts would be greatly apprecited Jim Manico, Senior Application Security Engineer <mailto:[EMAIL PROTECTED]> [EMAIL PROTECTED] (301) 604-4882 (work) (808) 652-3805 (cell) Aspect SecurityT Securing your applications <http://aspectsecurity.com/about.html> at the source <http://www.aspectsecurity.com> http://www.aspectsecurity.com
