[Catalyst] Making secure session cookies (or, how do we make Explorer stop complaining about nonsecure content on a secure page?)

will trillich will.trillich at serensoft.com
Mon Feb 21 03:32:07 GMT 2011

Catalyst::Plugin::Session::State::Cookie shows how to make a secure cookie,
which is great when you're rolling cookies by hand in your code.

But how do you set a secure cookie in the context of a myapp.conf setup?

    flash_to_stash =3D 1
    dbic_class     =3D MyApp::Session
    expires        =3D 3600
    cookie_secure =3D 1 # just kidding

That's not doing the trick. Which doc reveals the right mojo?


This is in pursuit of stopping the Explorer error "This page contains both
secure and nonsecure items..." Other than the doctype and the <html
xmlns=3D""> attribute, we can't find any http:// references, even looking in
css @import and url() ... so the next culprit seems to be the nonsecure
cookie. Other guidance is more than welcome!

-- =

The first step towards getting somewhere is to decide that you are not going
to stay where you are.  -- J.P.Morgan
-------------- next part --------------
An HTML attachment was scrubbed...
URL: http://lists.scsys.co.uk/pipermail/catalyst/attachments/20110220/65d82=

More information about the Catalyst mailing list