date:20090426

DO NOT REPLY [Bug 45255] support disable jsessionid from url against session fixation attacks

2009-04-26 Thread bugzilla

https://issues.apache.org/bugzilla/show_bug.cgi?id=45255 Dillon Sellars changed: What|Removed |Added Attachment #23284|0 |1 is obsolete|

DO NOT REPLY [Bug 45255] support disable jsessionid from url against session fixation attacks

2009-04-26 Thread bugzilla

https://issues.apache.org/bugzilla/show_bug.cgi?id=45255 --- Comment #11 from Mark Thomas 2009-04-26 14:01:36 PST --- The Servlet 3.0 spec (ie Tomcat 7 / trunk) includes this as part of the spec. Look for javax.servlet.SessionTrackingMode I think this will do everything you are looking for,

Bug report for Tomcat 6 [2009/04/26]

2009-04-26 Thread bugzilla

+---+ | Bugzilla Bug ID | | +-+ | | Status: UNC=Unconfirmed NEW=New ASS=Assigned

Bug report for Tomcat 4 [2009/04/26]

2009-04-26 Thread bugzilla

+---+ | Bugzilla Bug ID | | +-+ | | Status: UNC=Unconfirmed NEW=New ASS=Assigned

Bug report for Tomcat 5 [2009/04/26]

2009-04-26 Thread bugzilla

+---+ | Bugzilla Bug ID | | +-+ | | Status: UNC=Unconfirmed NEW=New ASS=Assigned

DO NOT REPLY [Bug 45255] support disable jsessionid from url against session fixation attacks

DO NOT REPLY [Bug 45255] support disable jsessionid from url against session fixation attacks

Bug report for Tomcat 6 [2009/04/26]

Bug report for Tomcat 4 [2009/04/26]

Bug report for Tomcat 5 [2009/04/26]

5 matches

Site Navigation

Mail list logo

Footer information