- Mark as New
- Bookmark
- Subscribe
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
Is there any way to make all the cookies to secure at a time In Magento 1
I tried the following Setting in Magento 1 configuration
System->configuration->(General) > Web > session cookie management->use HTTP Only->Yes
But still, cookies are not set to HTTPOnly
I want both attributes HttpOnly and secure should be set
Let me know if anything I can do for this.
Thank You.
Solved! Go to Solution.
Accepted Solutions
- Mark as New
- Bookmark
- Subscribe
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
I want to make it for all the cookies.
This is generated in the report by running a WAS scan by Qualys.
- Mark as New
- Bookmark
- Subscribe
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
Re: Magento 1 Cookie Does Not Contain The "secure" Attribute
please check the below article this might help you.
where-is-secure-tag-in-magento-cookie-on-ssl-secure-site
Hope this helps.
Problem Solved?Click Accept as solution or give kudos.
- Mark as New
- Bookmark
- Subscribe
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
Re: Magento 1 Cookie Does Not Contain The "secure" Attribute
Hi @smita_kagwade
What do you mean by all cookies?
All the cookies set by Magento or any other cookies also used in the domain?
Problem Solved Click Accept as Solution!:Magento Community India Forum
- Mark as New
- Bookmark
- Subscribe
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
- Mark as New
- Bookmark
- Subscribe
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
Re: Magento 1 Cookie Does Not Contain The "secure" Attribute
@smita_kagwade
Please visit Need suggestions regarding "Missing Secure Flag From SSL Cookie (http-cookie-secure-flag)"
Problem Solved Click Accept as Solution!:Magento Community India Forum
- Mark as New
- Bookmark
- Subscribe
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
Re: Magento 1 Cookie Does Not Contain The "secure" Attribute
override isSecure from Mage_Core_Model_Cookie model, method:
public function isSecure() {
return $this->_getRequest()->isSecure();
}
Well, This does not work.
Any thoughts what needs to be checked further in code ?