[Catalyst] Making secure session cookies (or, how do we make Explorer stop complaining about nonsecure content on a secure page?)

will trillich will.trillich at serensoft.com
Mon Feb 21 03:32:07 GMT 2011


Catalyst::Plugin::Session::State::Cookie shows how to make a secure cookie,
which is great when you're rolling cookies by hand in your code.

But how do you set a secure cookie in the context of a myapp.conf setup?

<session>
    flash_to_stash =3D 1
    dbic_class     =3D MyApp::Session
    expires        =3D 3600
    cookie_secure =3D 1 # just kidding
</session>

That's not doing the trick. Which doc reveals the right mojo?

=3D=3D=3D

This is in pursuit of stopping the Explorer error "This page contains both
secure and nonsecure items..." Other than the doctype and the <html
xmlns=3D""> attribute, we can't find any http:// references, even looking in
css @import and url() ... so the next culprit seems to be the nonsecure
cookie. Other guidance is more than welcome!


-- =

The first step towards getting somewhere is to decide that you are not going
to stay where you are.  -- J.P.Morgan
-------------- next part --------------
An HTML attachment was scrubbed...
URL: http://lists.scsys.co.uk/pipermail/catalyst/attachments/20110220/65d82=
804/attachment.htm


More information about the Catalyst mailing list