[Catalyst] Making secure session cookies (or, how do we make Explorer stop complaining about nonsecure content on a secure page?)

Oroszi, Róbert robert at oroszi.net
Mon Feb 21 14:06:07 GMT 2011


if you're using non-ssl javascript cdn you should embed javascript ( or css
) like this:

<script type=3D"text/javascript" src=3D"//code.jquery.com/jquery-latest.min=
.js
"></script>

"//" - its a protocolless javascript embedding technique :)

good luck :)

ps: it works with images, css, javascript too

2011/2/21 Jason Galea <lists at eightdegrees.com.au>

> you're not using a non-ssl cdn for your javascript libraries? (had me
> searching once..)
>
> On Mon, Feb 21, 2011 at 1:32 PM, will trillich
> <will.trillich at serensoft.com> wrote:
> > Catalyst::Plugin::Session::State::Cookie shows how to make a secure
> cookie,
> > which is great when you're rolling cookies by hand in your code.
> > But how do you set a secure cookie in the context of a myapp.conf setup?
> > <session>
> >     flash_to_stash =3D 1
> >     dbic_class     =3D MyApp::Session
> >     expires        =3D 3600
> >     cookie_secure =3D 1 # just kidding
> > </session>
> > That's not doing the trick. Which doc reveals the right mojo?
> > =3D=3D=3D
> > This is in pursuit of stopping the Explorer error "This page contains
> both
> > secure and nonsecure items..." Other than the doctype and the <html
> > xmlns=3D""> attribute, we can't find any http:// references, even looki=
ng
> in
> > css @import and url() ... so the next culprit seems to be the nonsecure
> > cookie. Other guidance is more than welcome!
> >
> > --
> > The first step towards getting somewhere is to decide that you are not
> going
> > to stay where you are.  -- J.P.Morgan
> >
> > _______________________________________________
> > List: Catalyst at lists.scsys.co.uk
> > Listinfo: http://lists.scsys.co.uk/cgi-bin/mailman/listinfo/catalyst
> > Searchable archive:
> http://www.mail-archive.com/catalyst@lists.scsys.co.uk/
> > Dev site: http://dev.catalyst.perl.org/
> >
> >
>
>
>
> --
> Jason Galea
> Web Developer
>
> Ph 07 40556926
> Mob 04 12345 534
> www.eightdegrees.com.au
>
> _______________________________________________
> List: Catalyst at lists.scsys.co.uk
> Listinfo: http://lists.scsys.co.uk/cgi-bin/mailman/listinfo/catalyst
> Searchable archive:
> http://www.mail-archive.com/catalyst@lists.scsys.co.uk/
> Dev site: http://dev.catalyst.perl.org/
>
-------------- next part --------------
An HTML attachment was scrubbed...
URL: http://lists.scsys.co.uk/pipermail/catalyst/attachments/20110221/2d2eb=
072/attachment.htm


More information about the Catalyst mailing list