If you know that JSESSIONID is the cookie name, then you know, that server works under servlet technology. Hence, if someone wants to hack the site, he will search for Java vulnerabilities. In...
Type: Posts; User: angstrem
Re: Servlets and Session tracking cookie's name
If you know that JSESSIONID is the cookie name, then you know, that server works under servlet technology. Hence, if someone wants to hack the site, he will search for Java vulnerabilities. In...
Servlets and Session tracking cookie's name
In the book "Head first JSP & Servlets", on page 275, they say:
Isn't it a flow from the point of view of security? Wouldn't it be better not to expose the information about the internal system of...