Set HttpOnly for the realm Cookie

commit: 05bce0d3e6dd31e8a26800d390f0fbce344960f9 [log] [tgz]
author: Colm O hEigeartaigh <coheigea@apache.org> Mon Apr 20 10:42:42 2020 +0100
committer: Colm O hEigeartaigh <coheigea@apache.org> Mon Apr 20 10:42:42 2020 +0100
tree: 3d900498cfbea0f13be739d100f8f07556eec168
parent: faf0adb90a5c45d56aecd60058c5733d167865d4 [diff]
diff --git a/services/idp-core/src/main/java/org/apache/cxf/fediz/service/idp/util/WebUtils.java b/services/idp-core/src/main/java/org/apache/cxf/fediz/service/idp/util/WebUtils.java
index a1da71a..06637bd 100644
--- a/services/idp-core/src/main/java/org/apache/cxf/fediz/service/idp/util/WebUtils.java
+++ b/services/idp-core/src/main/java/org/apache/cxf/fediz/service/idp/util/WebUtils.java

@@ -191,6 +191,7 @@
         Cookie cookie = new Cookie(cookieName, cookieValue);
         cookie.setSecure(true);
         cookie.setMaxAge(-1);
+        cookie.setHttpOnly(true);
         cookie.setPath("/fediz-idp");
         httpServletResponse.addCookie(cookie);
     }
commit	05bce0d3e6dd31e8a26800d390f0fbce344960f9	[log] [tgz]
author	Colm O hEigeartaigh <coheigea@apache.org>	Mon Apr 20 10:42:42 2020 +0100
committer	Colm O hEigeartaigh <coheigea@apache.org>	Mon Apr 20 10:42:42 2020 +0100
tree	3d900498cfbea0f13be739d100f8f07556eec168
parent	faf0adb90a5c45d56aecd60058c5733d167865d4 [diff]