how do I test httpOnly cookie flag

Question

I have set the following property in websphere for the jsession cookie com.ibm.ws.webcontainer.HTTPOnlyCookies.

Any idea how best to test this using Jav

Answer 1

add the following lines to your app String

sessionid = request.getSession().getId();
response.setHeader("SET-COOKIE", "JSESSIONID=" + sessionid + "; secure; HttpOnly");