</servlet-mapping>
<session-config>
<session-timeout>
- 30
- </session-timeout>
+ 30
+ </session-timeout>
+ <cookie-config>
+ <http-only>true</http-only>
+ </cookie-config>
</session-config>
<welcome-file-list>
<welcome-file>faces/index.xhtml</welcome-file>