session-cookies

Check if cookies are enabled

时光毁灭记忆、已成空白 提交于 2019-11-26 10:23:37
I am working on a page that requires javascript and sessions. I already have code to warn the user if javascript is disabled. Now, I want to handle the case where cookies are disabled, as the session id is stored in cookies. I have thought of just a couple ideas: Embedding the session id in the links and forms Warn the user they must enable cookies if they are disabled (would need help detecting if cookies are disabled) What is the best way to approach this? Thanks EDIT Based on the articles linked, I came up with my own approach and thought I would share, somebody else might be able to use it

How do I create persistent sessions in PHP?

徘徊边缘 提交于 2019-11-26 09:33:26
问题 I used session_start() to initiate a session in PHP, but when my browser closes, the session is gone. How do I use PHP to create persistent sessions that last across browser closes? 回答1: See the php.ini value session.cookie_lifetime. The default value of 0 means to end the session when the browser closes. You can override this value either directly in php.ini or set it in your application prior to starting the session using ini_set. Setting it to something greater than 0 will cause the

Switching between HTTP and HTTPS pages with secure session-cookie

*爱你&永不变心* 提交于 2019-11-26 09:31:41
问题 Update: Note that every website switching between unsecure HTTP and encrypted HTTPS pages, is inevitable prone to SSL-strip. Please think about using HTTPS for the whole site, although this neither can prevent SSL-strip, at least this gives the user the possibility to call the site safely, if he cares. For sites that need to switch, this method is probably still the best option. It\'s a common scenario, that a website has pages with sensitive data, which should be accessed only with the HTTPS

How does cookie “Secure” flag work?

泪湿孤枕 提交于 2019-11-26 09:29:24
问题 I know that a cookie with secure flag won\'t be sent via an unencrypted connection. I wonder how this works in-depth. Who is responsible for determining whether the cookie will be sent or not? 回答1: The client sets this only for encrypted connections and this is defined in RFC 6265: The Secure attribute limits the scope of the cookie to "secure" channels (where "secure" is defined by the user agent). When a cookie has the Secure attribute, the user agent will include the cookie in an HTTP

What is the difference between Sessions and Cookies in PHP?

为君一笑 提交于 2019-11-26 08:05:44
问题 What is the distinction between Sessions and Cookies in PHP? 回答1: A cookie is a bit of data stored by the browser and sent to the server with every request. A session is a collection of data stored on the server and associated with a given user (usually via a cookie containing an id code) 回答2: Cookies are used to identify sessions. Visit any site that is using cookies and pull up either Chrome inspect element and then network or FireBug if using Firefox. You can see that there is a header

Selenium: Point towards default Chrome session

拟墨画扇 提交于 2019-11-26 07:49:47
问题 Though I realize it\'s NOT \"good\" practice - I have a use case where I need to point (hook up) the Selenium driver to my default Chrome session/profile. My default profile is here: ~/Library/Caches/Google/Chrome/Default Here is how I\'m seting it up currently: (not working) from selenium import webdriver options = webdriver.ChromeOptions() options.add_argument(\"--user-data-dir=~/Library/Caches/Google/Chrome\") options.add_argument(\"--profile-directory=Default\") browser = webdriver.Chrome

How to set expiration date for cookie in AngularJS

风流意气都作罢 提交于 2019-11-26 06:25:42
问题 We want to store User\'s Authorization information in cookie which should not be lost upon refresh (F5) of browser. We want to store authorization info in \"permanent-cookie\" in case user has opted for \"Remember Me\" check box at the time of log-on. 回答1: This is possible in the 1.4.0 build of angular using the ngCookies module: https://docs.angularjs.org/api/ngCookies/service/$cookies angular.module('cookiesExample', ['ngCookies']) .controller('ExampleController', ['$cookies', function(

Login to Google with PHP and Curl, Cookie turned off?

岁酱吖の 提交于 2019-11-26 06:01:00
问题 I have this code for logging into Google using Simple DOM Parser with curl. I\'ve tried adding in the cookiejar file, but to no avail. I keep getting the message: Your browser\'s cookie functionality is turned off. Please turn it on. Any idea on how to solve this? Here\'s my code for reference: $html = file_get_html(\'https://accounts.google.com/ServiceLogin?hl=en&service=alerts&continue=http://www.google.com/alerts/manage\'); //... some code for getting post data here $curl_connection = curl

What is the difference between session_unset() and session_destroy() in PHP?

不打扰是莪最后的温柔 提交于 2019-11-26 05:57:29
问题 From the php.net documentation: session_destroy — Destroys all data registered to a session session_unset — Free all session variables My three part question is: The two functions seem very similar. What is really the difference between the two? Both seem to delete all variables registered to a session. Does any of them actually destroy the session itself? If not, how do you accomplish this (destroy the session itself). Is it correct that neither of the two functions deletes the session

Why not generate the secret key every time Flask starts?

流过昼夜 提交于 2019-11-26 02:59:06
问题 When using sessions, Flask requires a secret key. In every example I\'ve seen, the secret key is somehow generated and then stored either in source code or in configuration file. What is the reason to store it permanently? Why not simply generate it when the application starts? app.secret_key = os.urandom(50) 回答1: The secret key is used to sign the session cookie. If you had to restart your application, and regenerated the key, all the existing sessions would be invalidated. That's probably
订阅 session-cookies