My Oracle Support Banner

Missing Secure Attribute In Encrypted Session (SSL) Cookie // Disable WebDav (Doc ID 2027178.1)

Last updated on DECEMBER 04, 2019

Applies to:

Oracle Demantra Demand Management - Version 7.3.1 and later
Information in this document applies to any platform.


 we are running Demantra application ( on tomcat 6.0.44 , a security scan has reported that the application is sending non secure cookies over SSL (we can see the username/password) in clear text.

1- please advise how can we add the 'Secure' attribute to all sensitive cookies.
2- please advise how can we disable the WebDAV in the application.




To view full details, sign in with your My Oracle Support account.

Don't have a My Oracle Support account? Click to get started!

In this Document

My Oracle Support provides customers with access to over a million knowledge articles and a vibrant support community of peers and Oracle experts.