Logo Questions Linux Laravel Mysql Ubuntu Git Menu
 

Cookie across HTTP and HTTPS in PHP

How can I set a cookie in PHP that is readable both in HTTP and HTTPS?

If this isn't possible, what can be done? Set two cookies?

like image 526
Paulo Coghi Avatar asked Feb 23 '10 19:02

Paulo Coghi


People also ask

Are cookies shared between http and https?

Cookies can't be shared between domains so the http and https pages would need to be on thesame domain as a minimum (which would mean having your own dedicated IP address and security certificate for your domain.

How does PHP handle HTTP cookies?

Accessing Cookies with PHP Simplest way is to use either $_COOKIE or $HTTP_COOKIE_VARS variables. Following example will access all the cookies set in above example. You can use isset() function to check if a cookie is set or not.

Can PHP send and receive cookies?

A cookie is often used to identify a user. A cookie is a small file that the server embeds on the user's computer. Each time the same computer requests a page with a browser, it will send the cookie too. With PHP, you can both create and retrieve cookie values.

Can PHP set cookies?

With PHP, you can both create and retrieve cookie values. The name of the cookie is automatically assigned to a variable of the same name. For example, if a cookie was sent with the name "user", a variable is automatically created called $user, containing the cookie value.


1 Answers

By default, a cookie can be read by both http and https at the same URL.

However, a server can optionally specify the 'secure' flag while setting a cookie this tells the browser to only send it over a secure channel, such as an SSL connection.

In this case the cookie will only be sent over https. A cookie not marked as secure will be sent over both http and https.

like image 190
Andrew Strong Avatar answered Sep 22 '22 09:09

Andrew Strong