0

JSESSIONID showing is all GET requests

asked 2014-08-11 09:53:33 +0800

pranayjadhav gravatar image pranayjadhav
6

When checked using a proxy it is observed that jsessionid value is appended to all GET requests. This is a security issue.

How do we remove the jsessionid from GET urls?

delete flag offensive retag edit

1 Reply

Sort by » oldest newest

answered 2014-08-28 10:18:51 +0800

Darksu gravatar image Darksu
1991 1 4

Hello pranayjadhav,

The following posts provide some good examples on how to remove/handle the jsessionid value.

http://stackoverflow.com/questions/9486498/how-to-properly-set-jsessionid-cookie-path-behind-reverse-proxy

http://stackoverflow.com/questions/11327631/remove-jsessionid-from-url

Best Regards,

Darksu

link publish delete flag offensive edit
Your reply
Please start posting your answer anonymously - your answer will be saved within the current session and published after you log in or create a new account. Please try to give a substantial answer, for discussions, please use comments and please do remember to vote (after you log in)!

[hide preview]

Question tools

Follow
1 follower

RSS

Stats

Asked: 2014-08-11 09:53:33 +0800

Seen: 18 times

Last updated: Aug 28 '14

Support Options
  • Email Support
  • Training
  • Consulting
  • Outsourcing
Learn More