garrettmills/commafeed
1
0
Fork 0
forked from Archives/Athou_commafeed
Code Pull Requests Activity

don't show jsessionid in url

Browse Source
This commit is contained in:
Athou
2014-08-17 17:27:08 +02:00
parent f7d0fc5768
commit 0cec8af074
1 changed files with 4 additions and 0 deletions
Download Patch File Download Diff File Expand all files Collapse all files

4
src/main/java/com/commafeed/CommaFeedApplication.java
View File

@@ -13,6 +13,8 @@ import java.io.File;
import java.util.Date; import java.util.Date;
import java.util.concurrent.TimeUnit; import java.util.concurrent.TimeUnit;
import javax.servlet.SessionTrackingMode;
import org.eclipse.jetty.server.session.HashSessionManager; import org.eclipse.jetty.server.session.HashSessionManager;
import org.eclipse.jetty.server.session.SessionHandler; import org.eclipse.jetty.server.session.SessionHandler;
@@ -48,6 +50,7 @@ import com.commafeed.frontend.servlet.AnalyticsServlet;
import com.commafeed.frontend.servlet.CustomCssServlet; import com.commafeed.frontend.servlet.CustomCssServlet;
import com.commafeed.frontend.servlet.LogoutServlet; import com.commafeed.frontend.servlet.LogoutServlet;
import com.commafeed.frontend.servlet.NextUnreadServlet; import com.commafeed.frontend.servlet.NextUnreadServlet;
import com.google.common.collect.ImmutableSet;
import com.google.inject.Guice; import com.google.inject.Guice;
import com.google.inject.Injector; import com.google.inject.Injector;
import com.wordnik.swagger.config.ConfigFactory; import com.wordnik.swagger.config.ConfigFactory;
@@ -100,6 +103,7 @@ public class CommaFeedApplication extends Application<CommaFeedConfiguration> {
// Auth/session management // Auth/session management
HashSessionManager sessionManager = new HashSessionManager(); HashSessionManager sessionManager = new HashSessionManager();
sessionManager.setSessionTrackingModes(ImmutableSet.of(SessionTrackingMode.COOKIE));
sessionManager.setHttpOnly(true); sessionManager.setHttpOnly(true);
sessionManager.getSessionCookieConfig().setHttpOnly(true); sessionManager.getSessionCookieConfig().setHttpOnly(true);