Page 1 of 1

How do you keep a cookie between HTTP and HTTPS ?

Posted: Thu Mar 10, 2011 1:16 am
by smashhell
Hello, I have been trying to implement HTTPS/SSL into my site.

My web host does provides a free shared SSL for me to use.

The problem I am having is that since it is a free shared SSL service, the secured page will not be under my URL (actually, it will be https://secured.hostmonster.com). Which means my cookies for my site will not carry over /or carry back when I redirect back.

How do I keep the cookie between HTTP and HTTPS ? Is there a quick way to do it with cookie setting or something ?

Thanks a bunch ! :D

Re: How do you keep a cookie between HTTP and HTTPS ?

Posted: Thu Mar 10, 2011 7:59 am
by Darhazer
there is no quick way. Google for cross domain cookies. Or better - buy SSL certificate for your domain :)

Re: How do you keep a cookie between HTTP and HTTPS ?

Posted: Thu Mar 10, 2011 4:05 pm
by smashhell
Darhazer wrote:there is no quick way. Google for cross domain cookies. Or better - buy SSL certificate for your domain :)
I see. I guess I will have to look into buying SSL certificate than. It's gonna cost extra money though. :?

Re: How do you keep a cookie between HTTP and HTTPS ?

Posted: Thu Mar 10, 2011 7:48 pm
by smashhell
Darhazer wrote:there is no quick way. Google for cross domain cookies. Or better - buy SSL certificate for your domain :)
Oh so if I brought a SSL certificate and the secure site will be on the same domain, will the cookie be shared ?

I mean will cookies be shared between HTTP and HTTPS (since the web address will still have a difference of a "s")?

Thanks !

Re: How do you keep a cookie between HTTP and HTTPS ?

Posted: Fri Mar 11, 2011 2:27 am
by Darhazer
As long as you do not set the cookie with the $secure flag set to true, the cookie will be shared between http and https. It can be shared by all subdomains as well.