Technical Support Forums

Free, outstanding support from WebAssist and your colleagues

› WebAssist Forums › Data Bridge › Cookies Toolkit › Missing Secure Attribute in an Encrypted Ses

Missing Secure Attribute in an Encrypted Ses

Thread began 8/25/2009 12:16 am by DMCKIB339504 | Last modified 8/26/2009 10:24 am by DMCKIB339504 | 4522 views | 1 replies

8/26/2009 10:24 amEric Mittman

I have done some digging on this and here is what I have found. By default the cookies toolkit does not set the secure bit for cookies. However, if you use PHP you can do a quick update to set it this way. Here is an example of the set cookie code for PHP:

setcookie("secure_cookie", "1111", time()+(60*60*24*30), "/", "", 0);

It is this final 0 that makes the cookie secure, you can just update it so this last 0 is set to one like this:

setcookie("secure_cookie", "1111", time()+(60*60*24*30), "/", "", 1);

I did some testing with this and the cookie will not show on an http connection if it has the secure flag set like this.

Build websites with a little help from your friends

Your friends over here at WebAssist! These Dreamweaver extensions will assist you in building unlimited, custom websites.

Build websites from already-built web applications

These out-of-the-box solutions provide you proven, tested applications that can be up and running now. Build a store, a gallery, or a web-based email solution.