One of the reasons I love Adobe’s ColdFusion so much is the fact that it is built on a Java engine and you are able to use a lot of the powerful features of Java from CF. I however don’t get to use this feature often enough, mainly because most of the things I work [...]
Tag Archives: SSL
Setting secure attribute of JSESSIONID cookie in ColdFusion 8
As part of PCI compliance our servers were run through third party security auditing and one warning we received was “Missing Secure Attribute in an Encrypted Session (SSL) Cookie”. This warning referred to the JSESSIONID cookie being set in our SSL enabled pages not having the SECURE attribute set. In ColdFusion there is no way [...]
