AgileApps Support Wiki Pre Release

Avoiding Duplicate Cookies

From AgileApps Support Wiki
Revision as of 09:34, 25 March 2019 by imported>Aeric

The application sets a cookie with a different value multiple times within the same response. This is not a direct threat to the security of the application; however, might indicate a programming error, and can have unintended consequences. The application sets the JSESSIONID cookie to multiple values within the same response.

Browsers will accept only one of these values; typically the value in the last header. Servers should not include more than one Set-Cookie header field in the same response with the same cookie-name. The application should be configured to not return multiple “Set-Cookie” HTTP headers in the same response with the same name.

To resolve this issue, open the context.xml file from the <Install directory>/profiles/IS_default/configuration/tomcat/conf folder. Edit the <Context? tag as follows: <Context sessionCookiePath="/">