public static void setBrowserInfiniteCookie( HttpServletResponse response, String value, int nServerPort) { String params = null; if ((443 == nServerPort) || (8443 == nServerPort)) { params = "; path=/; HttpOnly; Secure"; } else { params = "; path=/; HttpOnly"; } response.setHeader("SET-COOKIE", "infinitecookie=" + value + params); // (all this is needed in order to support HTTP only cookies) } // TESTED