Logo Questions Linux Laravel Mysql Ubuntu Git Menu
HTML CSS JAVASCRIPT SQL PYTHON PHP BOOTSTRAP JAVA JQUERY R React Kotlin
 

Cookie still set on HTTP with ini_set('session.cookie_secure',1);

Tags:

php

cookies

php-ini

My config file looks like this:

ini_set('session.cookie_secure',1);
ini_set('session.cookie_httponly',1);
ini_set('session.use_only_cookies',1);

session_start();
//database connection part...

When accessing this page via https://www.mysite.com/config.php, the PHPSESSID cookie it's "Secure" slot is empty. Visiting the page via http://www.mysite.com/config.php shows the exact same cookie, with the same value.

I'm new to this so maybe I'm wrong, but this shouldn't happen, right? What am I doing wrong?

Thanks!

like image 437
binoculars Avatar asked Oct 18 '25 04:10

binoculars

1 Answers

The ini_set method requires a string value so update your code to the following:

ini_set('session.cookie_secure', '1');
ini_set('session.cookie_httponly', '1');
ini_set('session.use_only_cookies', '1');

session_start();
like image 177
Danny Thompson Avatar answered Oct 20 '25 17:10

Danny Thompson
Sign in to Comment

Related questions

Automatically Login using session id stored in cookie

Donate For Us

If you love us? You can donate to us via Paypal or buy me a coffee so we can maintain and grow! Thank you!