Session cookie flag

if a session cookie has its http flag set to true and this setting is not set in php.ini then what might be causing that?

What might be the origin of such a setting?

What do you mean by a session cookie? Perhaps it’s just me but I’ve not heard the term before.

1 Like

If the default for the httponly flag in session_set_cookie_params() is FALSE
And the php.ini setting for session.cookie_httponly is not set to TRUE

Then the script must have an ini_set changing it somewhere no?

Ι found the origin of it after all…thanks.

This topic was automatically closed 91 days after the last reply. New replies are no longer allowed.