php_begins Posted October 30, 2012 Share Posted October 30, 2012 So I am using this legacy application which is in php 4. I am trying to set the httponly flag and secure flag on. This is my code: header( "Set-Cookie:". $cookieName."=".$sessId."; expires=".$expireSeconds."; sessionID=".$sessId.";path=".$path."; domain=".$domain."; httponly; secure"); When I test it, The secure flag is set on but the httponly is not. Could it because the URL uses https protocol? Also, does the expire field take seconds. right now, $expireSeconds=14400; How do I modify the code to rectify this if it doesnt expect seconds as a parameter. Link to comment https://forums.phpfreaks.com/topic/270073-turning-on-https-flag-for-cookie/ Share on other sites More sharing options...
Muddy_Funster Posted October 30, 2012 Share Posted October 30, 2012 have you tried httponly=TRUE; Link to comment https://forums.phpfreaks.com/topic/270073-turning-on-https-flag-for-cookie/#findComment-1388724 Share on other sites More sharing options...
Recommended Posts
Archived
This topic is now archived and is closed to further replies.