I was talking with a friend, and he suggested I store my shopping cart
data in cookies, then I wouldn't need sessions until I got to the
checkout pages (where they are getting set securely). Do you have an
opinion on this, it seems easier than implementing sub domains to me.
Also, thank you so
On Jun 10, 2:21 am, Skye Weir-Mathews wrote:
> The thing that is confusing me is that, I have the :secure
> session_option set, but when I go to an insecure page the Set-Cookie
> _session_id header is passed to me, and this appears to be replacing the
> _session_id cookie I got when I was on the
The thing that is confusing me is that, I have the :secure
session_option set, but when I go to an insecure page the Set-Cookie
_session_id header is passed to me, and this appears to be replacing the
_session_id cookie I got when I was on the secure page.
Both secure and insecure pages are sen
On Jun 8, 11:35 pm, Skye Weir-Mathews wrote:
> If my session_id cookie is set by a request to a https page, and I stay
> on https pages, my session_id cookie persists and I can see my session
> data.
>
> If I navigate to an unencrypted page, my session_id gets reset and I
> lose access to all m
4 matches
Mail list logo
