This might seem like a really stupid question....
Is the data transfered through HttpServletRequest.setAttribute(String, Object) and HttpServletRequest.getAttribute(String) visible to traffic outside the web server. Meaning, are these objects transfered through URL rewritting/cookies or are they just within the java application. Basically, can i pass sensitivy data through these methods w/o compromising security?
My guess is yes....any opinions?
Thanks!
Is the data transfered through HttpServletRequest.setAttribute(String, Object) and HttpServletRequest.getAttribute(String) visible to traffic outside the web server. Meaning, are these objects transfered through URL rewritting/cookies or are they just within the java application. Basically, can i pass sensitivy data through these methods w/o compromising security?
My guess is yes....any opinions?
Thanks!