JDK-6692802 : Add accessor methods to java.net.HttpCookie to support HttpOnly attribute
  • Type: Enhancement
  • Component: core-libs
  • Sub-Component: java.net
  • Affected Version: 6
  • Priority: P2
  • Status: Closed
  • Resolution: Fixed
  • OS: generic
  • CPU: generic
  • Submitted: 2008-04-23
  • Updated: 2017-05-16
  • Resolved: 2011-03-08
The Version table provides details related to the release that this issue/RFE will be addressed.

Unresolved : Release in which this issue/RFE will be addressed.
Resolved: Release in which this issue/RFE has been resolved.
Fixed : Release in which this issue/RFE has been fixed. The release containing this fix may be available for download as an Early Access Release or a General Availability Release.

To download the current JDK release, click here.
JDK 7
7 b37Fixed
Related Reports
Relates :  
JDK-6890023 - Network: Cookies marked HttpOnly not included in URLConnection requests
Relates :  
JDK-6865629 - Backport JDK 7 Cookie fixes to JDK 6
Description
The HttpOnly attribute for cookies is not part of RFC 2965 but is widely used because it provides a extra level of security.
When a cookie is flagged 'HttpOnly' it means that cookie should not be accessible through scripting but only sent as part of a HTTP request.
Comments
EVALUATION JDK7 changeset: http://hg.openjdk.java.net/jdk7/tl/jdk/rev/eb342082e2b6 This RFE is concerned with adding API support to java.net.HttpCookie to support setting/getting the HttpOnly attribute.
27-09-2011
EVALUATION Simple enough. Will do as soon as possible.
04-09-2008