Hide cookies from request or response header

Question

I want hide default cookie value from request and response header so that any request capturing tools don't show cookie value. i tried various blogs in which they are saying about secure set to true but it is for setting cookig value for https. But i wan't to hide cookie information from request or response header.

I am using jdk 1.5, servlet 2.4 and tomcat 5.35

Your question doesn't make any sense. That's the only place to cookie goes, so if you "hide it" from there, it doesn't exist at all. — David Schwartz, Jun 28 '12 at 07:15

score 0 · Answer 1 · answered Jun 28 '12 at 07:31

Cookies are the way information are passed back and forth. You cannot hide them from view.

You could try to work via HTTPS and use the secure-tag. Secure-Cookies will only be handled via HTTPS, and will not be plaintext for any capturing tool to see. If HTTPS is no option, then you're out of luck I guess.

Hide cookies from request or response header

1 Answers1