SAP Note 943336 - HttpOnly cookie attribute

Component : Web Container, HTTP, JavaMail, Servlets -

Solution : https://service.sap.com/sap/support/notes/943336 (SAP Service marketplace login required)

Key words :
cross-site scripting attacks, client-side scripting languages, j2ee servlet specification mechanism, attacker-injected malicious scripts, client-side script code, server-generated cookies - jsessionid, j2ee engine web container, #httponly# cookie attribute supported, client-side script, protect server cookies

Related Notes :

1506858
1317545Applets/ ActiveX - HttpOnly Attr. for Cookie Sec. Protection
1299574User authentication when uploading documents
910284SAP WebAS Java 6.40 SP17 - List of corrections