Published by Mijingo

movie icon image

EE Insider Blog

Spend your time learning and developing sites with ExpressionEngine and we'll use this blog to keep you informed of all the news related to ExpressionEngine and CodeIgniter.

» Read more in the Archives.

» Have a tip? Send us your EE news.

Learn ExpressionEngine Today

Over a series of 8 videos, watch and learn as Ryan builds an entire ExpressionEngine website from beginning to end. Get started now.

Matt Weinberg on SSL and Cookies

Matt Weinberg (Vector Media Group), who gave a great talk a few years ago on e-commerce and PCI compliance at EECI in San Francisco, chimes in on the EE StackExchange about variable SSL and cookies.

The full set of cookies for matching domains is transmitted by the browser with each page request to that domain, even if the original cookies were set using HTTPS/SSL and the current page is HTTP.

One way around this is by setting the “secure” flag on cookies you set. Any cookies set with the “secure” flag will only get transmitted by browsers when connecting to HTTPS pages.

Read the entire thread on StackExchange

Posted on Jul 02, 2014 by Ryan Irelan

Filed Under: Community, Stack Exchange, E-commerce