Menu
How can I set the cookies in my PHP apps as HttpOnly cookies?
711
Accessing Cookies with PHP Simplest way is to use either $_COOKIE or $HTTP_COOKIE_VARS variables. Following example will access all the cookies set in above example. You can use isset() function to check if a cookie is set or not.
An HttpOnly Cookie is a tag added to a browser cookie that prevents client-side scripts from accessing data. It provides a gate that prevents the specialized cookie from being accessed by anything other than the server.
For PHP's own session cookies on Apache:
add this to your Apache configuration or .htaccess
<IfModule php5_module> php_flag session.cookie_httponly on </IfModule> This can also be set within a script, as long as it is called before session_start().
ini_set( 'session.cookie_httponly', 1 ); If you love us? You can donate to us via Paypal or buy me a coffee so we can maintain and grow! Thank you!
Donate Us With
