]> git.mxchange.org Git - pizzaservice-war.git/blobdiff - web/WEB-INF/web.xml
projects / pizzaservice-war.git / blobdiff
? search:
summary | shortlog | log | commit | commitdiff | tree
raw | inline | side by side
added some http-only configuration to avoid common XSS
[pizzaservice-war.git] / web / WEB-INF / web.xml
diff --git a/web/WEB-INF/web.xml b/web/WEB-INF/web.xml
index 131bbd9783284e86b5afe5578292cc9e72a67682..1cc23f32f58aeeb53405c89a47b3c2434b016c60 100644 (file)
--- a/web/WEB-INF/web.xml
+++ b/web/WEB-INF/web.xml
@@ -10,8 +10,8 @@
         <load-on-startup>1</load-on-startup>
     </servlet>
     <servlet>
-        <servlet-name>pdfRecipt</servlet-name>
-        <servlet-class>org.mxchange.pizzaapplication.servlet.receipt.PdfReceiptServlet</servlet-class>
+        <servlet-name>pdf</servlet-name>
+        <servlet-class>org.mxchange.pizzaapplication.servlet.receipt.PizzaPdfReceiptServlet</servlet-class>
     </servlet>
     <servlet-mapping>
         <servlet-name>Faces Servlet</servlet-name>
@@ -22,13 +22,16 @@
         <mime-type>text/plain</mime-type>
     </mime-mapping>
     <servlet-mapping>
-        <servlet-name>pdfRecipt</servlet-name>
+        <servlet-name>pdf</servlet-name>
         <url-pattern>/customer/recipt.pdf</url-pattern>
     </servlet-mapping>
     <session-config>
         <session-timeout>
-                       30
-               </session-timeout>
+            30
+        </session-timeout>
+        <cookie-config>
+            <http-only>true</http-only>
+        </cookie-config>
     </session-config>
     <welcome-file-list>
         <welcome-file>faces/index.xhtml</welcome-file>
Unnamed repository; edit this file 'description' to name the repository.