HTTP ONLY 过滤器要害代码

HTTP ONLY 过滤器关键代码if (response.containsHeader( SET-COOKIE )) {String sessionid request.ge

HTTP ONLY 过滤器关键代码
if (response.containsHeader( "SET-COOKIE" )) {
  String sessionid = request.getSession().getId();
  response.setHeader( "SET-COOKIE", "JSESSIONID=" + sessionid
                      + ";Path=/<whatever>; HttpOnly" );
}