Comments on: CFID and CFToken are now httpOnly in CF 9.0.1 updater /coldfusion-9-0-1-httponly-cookies/ Web development notes and commentary from Ryan Stille Sun, 17 Feb 2013 18:32:00 +0000 hourly 1 https://wordpress.org/?v=6.1.1 By: Ryan /coldfusion-9-0-1-httponly-cookies/comment-page-1/#comment-3692 Sun, 17 Feb 2013 18:32:00 +0000 /?p=898#comment-3692 Peter – no I don’t see how this would cause any issues with CFGRID.

]]> By: Peter Lorimer /coldfusion-9-0-1-httponly-cookies/comment-page-1/#comment-3691 Sun, 17 Feb 2013 12:45:26 +0000 /?p=898#comment-3691 Could this issue cause CFGRID to stop populating from a query after the 9.0.1 update?

]]> By: Ryan /coldfusion-9-0-1-httponly-cookies/comment-page-1/#comment-1671 Sun, 05 Sep 2010 19:12:36 +0000 /?p=898#comment-1671 No this is for CF 9 only.

]]> By: Knut /coldfusion-9-0-1-httponly-cookies/comment-page-1/#comment-1670 Sun, 05 Sep 2010 14:07:26 +0000 /?p=898#comment-1670 You wrote: …“-Dcoldfusion.sessioncookie.httponly=true”…

Does this also work in CF-8.0.1 ???

]]> By: Ryan /coldfusion-9-0-1-httponly-cookies/comment-page-1/#comment-1546 Fri, 16 Jul 2010 18:27:18 +0000 /?p=898#comment-1546 You are right John, you can specify httpOnly per-cookie using the CFCOOKIE tag now!

]]> By: John Sieber /coldfusion-9-0-1-httponly-cookies/comment-page-1/#comment-1545 Fri, 16 Jul 2010 18:00:53 +0000 /?p=898#comment-1545 I could be wrong, but I thought that I remembered reading that httpOnly attribute was added to the CFCOOKI tag in CF9. Thanks for the tip about adding httpOnly support for jSessionID's as well!

]]>