Missing Secure Attribute In Encrypted Session (SSL) Cookie // Disable WebDav
Last updated on SEPTEMBER 08, 2016
Applies to:Oracle Demantra Demand Management - Version 7.3.1 and later
Information in this document applies to any platform.
we are running Demantra application (18.104.22.168) on tomcat 6.0.44 , a security scan has reported that the application is sending non secure cookies over SSL (we can see the username/password) in clear text.
1- please advise how can we add the 'Secure' attribute to all sensitive cookies.
2- please advise how can we disable the WebDAV in the application.
Sign In with your My Oracle Support account
Don't have a My Oracle Support account? Click to get started
My Oracle Support provides customers with access to over a
Million Knowledge Articles and hundreds of Community platforms