Magento Forums
Help
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 

Set "HttpOnly" & "Secure" flag to all cookies Magento 1

‎10-13-2020 03:47 AM
‎10-13-2020 03:47 AM

Set "HttpOnly" & "Secure" flag to all cookies Magento 1

In Magento 1

I can see many of the cookie are without Secure flag and HttpOnly set on website.

Is their any way to set Secure flag and HttpOnly set on all server Cookie ?

I need to make all server cookie secure.

I have tried “Use HTTP Only” option in Magento to add "httponly" flag in cookies.

System > Configuration > General > Web > Session Cookie Management

It works but not for all cookies. Also i have tried

override isSecure from Mage_Core_Model_Cookie model, method:

public function isSecure() {

return $this->_getRequest()->isSecure();

}

But, This does not work. Any thoughts on this ?

Thankyou

Labels:
0 Kudos
1 REPLY 1
‎10-13-2020 03:47 AM
‎10-13-2020 03:47 AM

Re: Set "HttpOnly" & "Secure" flag to all cookies Magento 1

https://magento.stackexchange.com/questions/322454/how-to-add-httponly-attribute-set-on-existing-coo...

0 Kudos