On Tue, Aug 16, 2011 at 1:01 PM, Jen Rasmussen <jen@xxxxxxxxxxxxxxxx> wrote: > Thank you in advance for your input on my question here . > > > > I am currently running PHP 5.1.6 and would prefer to set both the secure and > httpOnly flags for a session cookie, > > however, httpOnly is not added until PHP 5.2. I have found an elegant way to > set it ( courtesy of : http://www.youtube.com/watch?v=UW0UhYfs1es ) but I am > unable to set both the secure and the httpOnly flags. I realize the post is > quite old, but doh!, so is my version of PHP J > > > > My guess is that if forced to choose, I should opt for secure but would > prefer to do so with any opinions you may offer in mind. I don't see the relevance of the address you cited above, but if you are referring to the workaround that I showed you last week -- http://marc.info/?l=php-general&m=131281548332245&w=2 -- you can easily extend the technique to set both flags. header('Set-Cookie: cookie_name=value; secure; HttpOnly'); Andrew -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
