There is a 'secure' flag for cookies to make sure
they are only transfered during a secure session.
I would assume it would have to be set initially
via a secure request too.
--
Hari
On Tue, Oct 14, 2003 at 06:35:55PM -0700, Tofu Optimist wrote:
Many thanks Hari.
Turns I was having an
Hi -- I have a site which mananges photos for
visitors. I log cookies to a log file using the
recipe from
http://perl.apache.org/docs/2.0/user/handlers/http.html#PerlLogHandler.
Here's the code
package CookLog;
use strict;
use warnings;
use Fcntl qw(:flock);
sub handler {
my $r = shift;
Many thanks Hari.
Turns I was having an acme.com vs. www.acme.com
cookie descrepancy, and I didn't notice the obvious
until you reminded me.
I am glad it wasn't a mod_perl or apache oddity!
Curious: does scheme matter? That is,
can a cookie set by http://acme.com be read by
https://acme.com,
