Server Fault Stack Exchange
Server Fault Stack Exchange

Questions tagged [cookies]

132 questions
2
votes
2 answers

.htaccess - Remove all cookies

I want to make an existing domain a "CDN" domain that serves all images, CSS and JS files (i.e. static files). However that domain was parked earlier and some application on that domain has set cookies. As far as I can observe, I'd say that with…
BlaM
  • 3,886
  • 5
  • 27
  • 28
2
votes
1 answer

Nginx preventing cookie from being sent from front to back end

I'm running a Golang back end on port 12345 and an Angular front end on port 8080. They communicate via websockets on a page called /consultation. When I open the firewall for both ports and have them communicate via their IP and port addresses,…
nusantara
  • 141
  • 1
  • 5
2
votes
0 answers

Cookies aren't being set/overwritten through nginx reverse proxy

For some reason, when I'm proxying my API request through an nginx reverse proxy, my cookies aren't being overwritten with the new values. I've tried adding the following to my nginx config, but I'm not seeing any changes. In this situation, I'm…
robert.bo.roth
  • 121
  • 5
2
votes
1 answer

Set "Secure Flag" on Cookies for Only One (of many) Virtual Host on Apache

I'm hosting a number of sites on a single VPS (Debian Jessie, Apache 2.4). One of these sites forces HTTPS. On this and only this site, I would like to set the "Secure Flag" for cookies. I've found loads of resources explaining how to do this for…
kittykittybangbang
  • 131
  • 1
  • 1
  • 6
2
votes
0 answers

Cookie Secure Flag not persistent

I'm trying to implement a Secure flag for all cookies. I'm doing this via Headers. Here's how I did it: Header edit Set-Cookie (?i)^(.*)(;\s*secure)??((\s*;)?(.*)) "$1; Secure$3$4" It successfully does its job on the first load. But on the…
jarvis
  • 2,006
  • 4
  • 18
  • 31
2
votes
1 answer

Varnish - Allow specific cookies for the backend?

I am trying figure out how to allow the backend to see tracking cookies on specific registration pages but ignore them on others. Currently, I'm trying to use a custom header sent from the backend to set beresp.ttl = 0s; inside the vcl_fetch: if…
Taylor
  • 21
  • 2
2
votes
1 answer

PRUM_EPISODES cookie

We have noticed an unusual cookie in our logs: PRUM_EPISODES=s=1379338025465&r=http%3A//www.example.com/demo.html I presume it's a 3rd party control on our site which creates this. Does anyone know which one?
Karl Glennon
  • 161
  • 13
2
votes
1 answer

GPO - Block 3rd party cookies for IE 8

I am trying to find some settings in GPOs that explicitly say, "Block 3rd Party cookies" in IE. I am looking under policies>admin template>windows components>IE> IE control panel>Security page. Should I look elsewhere for these? I don't really…
Chadddada
  • 1,680
  • 1
  • 19
  • 26
2
votes
1 answer

how to check the value of a cookie in varnish

I have a cookie for language. I want to check if this cookie is set and to check its value to redirect the user to specific page. the cookie name is Lang and its value might be En,Fr,or Ar if (req.http.Cookie ~ "Lang"){ //now i want to check for…
Alaa Alomari
  • 638
  • 6
  • 19
  • 37
2
votes
2 answers

Bad Request Due to "Bad" Cookie

I have a web site under a domain, where the main domain is using Google Analytics which sets a cookie named __utmva which is value is part binary. As far as I can tell passing this cookie to IIS returns Bad Request (400) - "The request is badly…
Shay Erlichmen
  • 176
  • 4
2
votes
0 answers

Vanilla .Net 4.0 website cannot identify some AppleWebKit based browsers

We are seeing some Safari browsers failing to cross-authenticate our website after we upgrade to .net 4.0 from .net 3.5. After much investigation, it turns out to be a problem with ASP.Net identifying the Safari browsers properly. ASP.Net…
Chad
  • 21
  • 1
2
votes
6 answers

How to cache websites using Varnish, PHP and Cookies

I consider starting using Varnish on my websites. I just tried out Varnish and I am wondering how to cache pages even if I my websites uses cookies, for Google Analytics. I am trying to remove them but it seems like Varnish isn't caching. This is…
Erik
  • 125
  • 1
  • 3
2
votes
1 answer

Does PHP *have* to serialize/unserialize session data between each HTTP request? Or is there a setting just to keep sessions in memory?

I think I understand why sessions are evil but for snappy client user experience I don't want to have to re-query the database on each HTTP request. (As a comparision, Java servlets can effortlessly keep tons of session objects in memory.) Can PHP…
Pete Alvin
  • 281
  • 2
  • 4
  • 12
2
votes
1 answer

Where does Chrome fetch my identity from after having deleted cookies?

I'm trying to figure out where does Google CHrome fetch my identity from when authenticating to an Identity Provider (SAML with certificate authentication) What I have tried : Delete all cookies, saved passwords, cache files Delete my personal…
MeMow
  • 292
  • 1
  • 7
1
vote
0 answers

Cookie Does Not Contain The secure and HTTPOnly Attribute

While running a Qualys Vulnerability Scan on a website which is being developed I got the following vulnerability: Cookie Does Not Contain The "HTTPOnly" Attribute Cookie Does Not Contain The "secure" Attribute My application running in ExpressJS,…
Krishan Kant Sharma
  • 111
  • 1
  • 3
1 2
3
8 9