环境
springboot2.3.1
JDK1.8 jetty
配置
server:
port: 9212
session:
cookie:
http-only: true
secure: true
使用这种方式设置 http-only 无效,也用过cookie中追加。
Cookie[] cookies = request.getCookies();
for (Cookie cookie: cookies) {
if(StringUtils.equals("JSESSIONID",cookie.getName())){
StringBuilder sb = new StringBuilder(cookie.getValue());
sb.append(";").append("Secure;").append("HttpOnly;");
cookie.setValue(sb.toString());
response.setHeader("Set-Cookie",sb.toString());
}
}
都不行
请问怎么解决