I've run into the problem where a session cookie gets lost when you
start on http and move to https. The reason seems to be that
'secure=true' is set on the session cookie when you start on https,
preventing the cookie from being passed to the http page.
I found the following in the archives:
You can maintain your session going http->https. You can't maintain
your
session https->http (unless you previously did a http->https).
Is there any way to change the configuration to always use non-secure
session cookies?
If there is not, is there a standard workaround? I hate the hack of
redirecting to make sure that first access is not secure.
Thanks much,
Andrew
- Re: https --> http session problem Andrew Mottaz
- Re: https --> http session problem Bill Barker
- Re: https --> http session problem Andrew Mottaz
- Re: https --> http session problem Bill Barker
- Re: https --> http session problem Andrew Mottaz
- Re: https --> http session problem Adam Hardy
- Re: https --> http session prob... Andrew Mottaz
- Re: https --> http session ... Adam Hardy
- UNSUBSCRIBE!!! ArcherDaPunk
- RE: UNSUBSCRIBE!!! Jean B. Denis
- Re: UNSUBSCRIBE!!! Ubqtous