[DEFECT] /api/content should not return JSESSIONID cookie

[yolabingo]

Problem Statement

/api/content/ requests should not return JSESSIONID session cookies

It is possible this impacts other APIs.

Steps to Reproduce

curl -s --head 'https://demo.dotcms.com/api/content/render/false/query/+contentType:Languagevariable%20+working:true/orderby/modDate%20desc'

HTTP/2 200
...
set-cookie: JSESSIONID=C0EFF3DA3BF6AD4A14CABB6861EA4E78; Path=/; Secure; HttpOnly; SameSite=Lax

Acceptance Criteria

Not sure

dotCMS Version

latest

Severity

Medium - Some functionality impacted

[github-actions]

PRs linked to this issue

• fix(session): the recent changes to analytics and timemachine created code that automatically created a session/cookie when called. This should not happen by @wezell

[wezell]

PR was here:

#34066