Re: [users@httpd] Source of JSESSIONID Cookie

Wed, 19 Jan 2022 09:50:49 -0800 

In Chrome you can view cookie details via:
Settings | Security and Privacy | Cookies and other site data | See all cookies and site data There exists a 'Search cookies' feature which should help you find the origin of your cookies in question. 


Once located you can see if that origin is relevant to the network 
requests as indicated in DevTools.



This might or might not help as your original posts indicates some 
messages of rejected cookies.

It can't hurt to see if you have any record of them in you cookie cache.
Although JSESSIONID sounds like a very common java related cookie.


I believe you should see some record of the rejected cookie if you 
examine all the response headers in each subrequest in DevTools (under 
the Network tab). Even if the cookie is rejected there should be an 
attempt to set it visible in the response headers.


Jim


On 1/19/2022 11:24 AM, John wrote:

Thanks for the suggestion Jim.

I checked and it just gets weirder.  The cookies that are being
reported and that seem to be responsible for my problems are arising
in other web pages that might not even be open at the moment.  Some of
them I recognize as belonging to functions that I used earlier today
and seem to be just hanging around.

Not that that excuses them, and I will start a project to update them
to have "samesite" cookies, but some of these pages are over a decade
old and have been in use longer than the samesite attribute.

That said, the JSESSIONID cookie is not one of them and I still don't
know where it is being set or by which page.

Thanks for the help and the knowledge increment!

John
=================

On Tue, 2022-01-18 at 18:33 -0500, Jim Albert wrote:

On 1/18/2022 3:36 PM, John wrote:

These are default cookies from somewhere; my code doesn't set or
manage them.


Focusing on this portion of your response:
"These are default cookies from somewhere; my code doesn't set or
manage
them."

... using your browser's Developer Tools (F12), look at the Response
Header to learn more about specific cookies as in what element of
your
request results in the relevant Set-Cookie header.

Jim





---------------------------------------------------------------------
To unsubscribe, e-mail: users-unsubscr...@httpd.apache.org
For additional commands, e-mail: users-h...@httpd.apache.org























					Reply via email to