Login, set up of cookie and mix of http and https
Posted by elmotard
|
Login, set up of cookie and mix of http and https January 14, 2022 12:23PM |
Registered: 5 years ago Posts: 21 |
Hello,
On my site, the fact to be logged in phorum under http, allow to gain also access to some other parts of the site that are under https. It was working fine, until the last big update of Firefox, setting up cookies to lax by default. Doing so, the cookie are not readable anymore.
So, now, when i logged in under http, i can't go to the https part under Firefox (but it is still working with Chrome).
I did allowed to connect using login.php under https, thiking that it could be the solution, but it is not. it seems than in login.php it only allows a tmp cookie but not the final one that is set later ?
any idea to solve that ? or a bit of code to add ?
Thanks
Regards
On my site, the fact to be logged in phorum under http, allow to gain also access to some other parts of the site that are under https. It was working fine, until the last big update of Firefox, setting up cookies to lax by default. Doing so, the cookie are not readable anymore.
So, now, when i logged in under http, i can't go to the https part under Firefox (but it is still working with Chrome).
I did allowed to connect using login.php under https, thiking that it could be the solution, but it is not. it seems than in login.php it only allows a tmp cookie but not the final one that is set later ?
any idea to solve that ? or a bit of code to add ?
Thanks
Regards
|
Re: Login, set up of cookie and mix of http and https January 14, 2022 01:20PM |
Admin Registered: 17 years ago Posts: 560 |
Ultimately you will need to force https everywhere, or depend on the browser to upgrade http to https.
It can be forced in .htaccess or the Microsoft equivalent. You can go online to find the correct entries.
In the admin / General Settings / File/Path Settings --- HTTP Path , set it to https: // your site...
There is a MOD * Automatic HTTP Path: [www.phorum.org]
that may be of use.
It can be forced in .htaccess or the Microsoft equivalent. You can go online to find the correct entries.
In the admin / General Settings / File/Path Settings --- HTTP Path , set it to https: // your site...
There is a MOD * Automatic HTTP Path: [www.phorum.org]
that may be of use.
|
Re: Login, set up of cookie and mix of http and https January 14, 2022 01:26PM |
Registered: 5 years ago Posts: 21 |
|
Re: Login, set up of cookie and mix of http and https January 14, 2022 02:54PM |
Registered: 5 years ago Posts: 21 |
|
Re: Login, set up of cookie and mix of http and https January 14, 2022 04:15PM |
Admin Registered: 17 years ago Posts: 560 |
Look at login. php and user. php for further info.
Don't know if there is anything in the docs.
BTW you change domains if you go from https :// www. myforum. com to https :// myforum. com which will leave the cookie invalid.
Edited 1 time(s). Last edit at 01/14/2022 04:18PM by Scott Finegan.
Don't know if there is anything in the docs.
BTW you change domains if you go from https :// www. myforum. com to https :// myforum. com which will leave the cookie invalid.
Edited 1 time(s). Last edit at 01/14/2022 04:18PM by Scott Finegan.
|
Re: Login, set up of cookie and mix of http and https January 15, 2022 10:18AM |
Registered: 5 years ago Posts: 21 |
Sorry, only registered users may post in this forum.