Commit e660b96a authored by Mathias.Vehus

Finished task 0C

parent 8362c28c
......@@ -154,7 +154,10 @@ public class Handler extends AbstractHandler
final Stored<Account> account = session.value.account;
// User is now logged in with a valid sesion.
// We set the session cookie to keep the user logged in:
response.addCookie(new Cookie("session",session.identity.toString()));
Cookie cookie = new Cookie("session",session.identity.toString());
cookie.setHttpOnly(true);
cookie.setSecure(true);
response.addCookie(cookie);
// Set X-Frame-Options header
response.setHeader("X-Frame-Options", "SAMEORIGIN");
// Set X-Content-Type-Options header
......
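Review bot: the new `session` cookie sets `HttpOnly` and `Secure` but no `SameSite` attribute, so whether it is attached to cross-site requests is left to each browser's default. Since this cookie is the whole login state, set `SameSite` explicitly (`Lax` or `Strict`) where the cookie is built. `javax.servlet.http.Cookie` has no setter for it before Servlet 6.0, so this may have to go through the container's cookie configuration or a hand-written `Set-Cookie` header, depending on the server version in use (not visible in this hunk). Two smaller points: `cookie.setSecure(true)` means the browser will not send the cookie over plain HTTP, so note somewhere that login now requires HTTPS, including in local test setups; and the context comment above has a typo, "sesion".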