[Catalyst] Making secure session cookies (or, how do we make
Explorer stop complaining about nonsecure content on a secure page?)
Jason Galea
lists at eightdegrees.com.au
Mon Feb 21 06:08:35 GMT 2011
you're not using a non-ssl cdn for your javascript libraries? (had me
searching once..)
On Mon, Feb 21, 2011 at 1:32 PM, will trillich
<will.trillich at serensoft.com> wrote:
> Catalyst::Plugin::Session::State::Cookie shows how to make a secure cookie,
> which is great when you're rolling cookies by hand in your code.
> But how do you set a secure cookie in the context of a myapp.conf setup?
> <session>
> flash_to_stash = 1
> dbic_class = MyApp::Session
> expires = 3600
> cookie_secure = 1 # just kidding
> </session>
> That's not doing the trick. Which doc reveals the right mojo?
> ===
> This is in pursuit of stopping the Explorer error "This page contains both
> secure and nonsecure items..." Other than the doctype and the <html
> xmlns=""> attribute, we can't find any http:// references, even looking in
> css @import and url() ... so the next culprit seems to be the nonsecure
> cookie. Other guidance is more than welcome!
>
> --
> The first step towards getting somewhere is to decide that you are not going
> to stay where you are. -- J.P.Morgan
>
> _______________________________________________
> List: Catalyst at lists.scsys.co.uk
> Listinfo: http://lists.scsys.co.uk/cgi-bin/mailman/listinfo/catalyst
> Searchable archive: http://www.mail-archive.com/catalyst@lists.scsys.co.uk/
> Dev site: http://dev.catalyst.perl.org/
>
>
--
Jason Galea
Web Developer
Ph 07 40556926
Mob 04 12345 534
www.eightdegrees.com.au
More information about the Catalyst
mailing list