JSESSIONID cookie name hardcoded, not configurable

ibnemahdi / owasp-esapi-java

Automatically exported from code.google.com/p/owasp-esapi-java

Other

0 stars 0 forks source link

JSESSIONID cookie name hardcoded, not configurable #123

Closed GoogleCodeExporter closed 9 years ago

GoogleCodeExporter commented 9 years ago

What steps will reproduce the problem?
1. Search code for JSESSIONID
2. Notice that String is referenced in several places. 

What is the expected output? What do you see instead?
Make the cookie name configurable because most application servers allow 
you to specify a different name for the session cookie. 

What version of the product are you using? On what operating system?
esapi-2.0_rc6.jar, windows

Please provide any additional information below.

Original issue reported on code.google.com by hal.dead...@gmail.com on 11 May 2010 at 5:29

GoogleCodeExporter commented 9 years ago

This is important enough that I'd like this done before 2.0GA - thanks for the 
bug report!

Original comment by manico.james@gmail.com on 2 Nov 2010 at 7:48

Added labels: Milestone-Release2.0

GoogleCodeExporter commented 9 years ago

Original comment by manico.james@gmail.com on 2 Nov 2010 at 8:00

Changed state: Accepted

GoogleCodeExporter commented 9 years ago

Made updates, reran all tests and passed, checked in as 
http://code.google.com/p/owasp-esapi-java/source/detail?r=1645

Original comment by jtmel...@gmail.com on 5 Nov 2010 at 3:00

GoogleCodeExporter commented 9 years ago

Closing issue - notified Arshan of pending issues in WAF code.

Original comment by jtmel...@gmail.com on 5 Nov 2010 at 3:02

Changed state: Fixed