Hello,
on my Application.cfc i have this code:
this.sessionManagement = false;
this.setClientCookies = false;
but on network monitor I see page set cookie JSESSIONID.
Is it possible disable this cookie? Is it possible set secure=true?
I have lucee 5.2.8 and Commandbox 4.2.0+00071 with code:
“app”:{
“sessionCookieSecure”:“true”
}
Thank you!
Hello,
I investigated better and I think this is a bug of Lucee.
If on the page there is cfthread code Lucee set cookie “JSESSIONID” though on Application.cfc there is setClientCookies=false
Is it possible force Undertow set cookie JSESSIONID with secure=true and onlyHttp=true?
thank you
Thank you Brad!
I opened a bug on Lucee
https://luceeserver.atlassian.net/browse/LDEV-2308
Bye
in data venerdì 14 giugno 2019, alle ore 21:44, hai scritto:
That feature is in the works, but got hung up
https://github.com/cfmlprojects/runwar/issues/100
Thanks!
~Brad
Developer Advocate
Ortus Solutions, Corp
E-mail: brad@coldbox.org
ColdBox Platform: http://www.coldbox.org
Blog: http://www.codersrevolution.com