How do you keep a cookie between HTTP and HTTPS ?

PHP programming forum. Ask questions or help people concerning PHP code. Don't understand a function? Need help implementing a class? Don't understand a class? Here is where to ask. Remember to do your homework!

Moderator: General Moderators

Post Reply
smashhell
Forum Newbie
Posts: 14
Joined: Fri May 22, 2009 2:54 am

How do you keep a cookie between HTTP and HTTPS ?

Post by smashhell »

Hello, I have been trying to implement HTTPS/SSL into my site.

My web host does provides a free shared SSL for me to use.

The problem I am having is that since it is a free shared SSL service, the secured page will not be under my URL (actually, it will be https://secured.hostmonster.com). Which means my cookies for my site will not carry over /or carry back when I redirect back.

How do I keep the cookie between HTTP and HTTPS ? Is there a quick way to do it with cookie setting or something ?

Thanks a bunch ! :D
User avatar
Darhazer
DevNet Resident
Posts: 1011
Joined: Thu May 14, 2009 3:00 pm
Location: HellCity, Bulgaria

Re: How do you keep a cookie between HTTP and HTTPS ?

Post by Darhazer »

there is no quick way. Google for cross domain cookies. Or better - buy SSL certificate for your domain :)
smashhell
Forum Newbie
Posts: 14
Joined: Fri May 22, 2009 2:54 am

Re: How do you keep a cookie between HTTP and HTTPS ?

Post by smashhell »

Darhazer wrote:there is no quick way. Google for cross domain cookies. Or better - buy SSL certificate for your domain :)
I see. I guess I will have to look into buying SSL certificate than. It's gonna cost extra money though. :?
smashhell
Forum Newbie
Posts: 14
Joined: Fri May 22, 2009 2:54 am

Re: How do you keep a cookie between HTTP and HTTPS ?

Post by smashhell »

Darhazer wrote:there is no quick way. Google for cross domain cookies. Or better - buy SSL certificate for your domain :)
Oh so if I brought a SSL certificate and the secure site will be on the same domain, will the cookie be shared ?

I mean will cookies be shared between HTTP and HTTPS (since the web address will still have a difference of a "s")?

Thanks !
User avatar
Darhazer
DevNet Resident
Posts: 1011
Joined: Thu May 14, 2009 3:00 pm
Location: HellCity, Bulgaria

Re: How do you keep a cookie between HTTP and HTTPS ?

Post by Darhazer »

As long as you do not set the cookie with the $secure flag set to true, the cookie will be shared between http and https. It can be shared by all subdomains as well.
Post Reply