要设置会话安全且仅限http,我已在程序中包含以下代码
String sessionid = request.getSession().getId();
response.setHeader("SET-COOKIE", "JSESSIONID=" + sessionid + "; HttpOnly");
servlet代码是
protected void doGet(HttpServletRequest request, HttpServletResponse response) throws ServletException, IOException {
response.setHeader("Expires", "Sat, 6 May 1995 12:00:00 GMT");
response.setHeader("Cache-Control", "no-store, no-cache, must-revalidate");
response.addHeader("Cache-Control", "post-check=0, pre-check=0");
response.setHeader("Pragma", "no-cache");
String sessionid = request.getSession().getId();
response.setHeader("SET-COOKIE", "JSESSIONID=" + sessionid + "; HttpOnly");
ServletOutputStream out = response.getOutputStream();
HttpSession l_session = this.sess_regen(request);
//l_session.setMaxInactiveInterval(5); No Enough Rows Found to Peform Calculation
*estsession l_s = (estsession)l_session.getAttribute("ge_session");*
if(l_s == null) { out.println("Illegal Attempt"); return; }
String res = l_s.captcha_id;
response.setContentType("image/jpg");
BufferedImage image = new BufferedImage(85, 35, BufferedImage.TYPE_BYTE_INDEXED);
但是空指针异常发生在代码中的斜体上。对此有任何帮助。