Stack Overflow
Stack Overflow

Questions tagged [session-cookies]

Session cookies enable a server and a browser to establish an identified connection (through cookies) and communicate though it.

Session cookies are temporary files that exist for a particular user for a pre-defined duration. Once this duration is expired, the session cookies are erased.

Session cookies allow a website to keep a state or memory of the visitor as they navigate between pages of the website.

4816 questions
16
votes
2 answers

iphone bookmarklet cookie persistence

I have an iphone (jqtouch based) web app that uses cookies for authentication. The use flow is as follows : user goes to the mobile landing page and is instructed to save the page as a bookmarklet on their home page. they launch the bookmarklet to…
Larry Davis
  • 181
  • 4
16
votes
1 answer

Express session with different cookie domain per request?

I have a situation where an app can be accessed from multiple different domains. For instance, foo.com and bar.com could both in theory point to my app. Additionally, their subdomains can also point to my app, so for instance red.foo.com and…
Alex Turpin
  • 46,743
  • 23
  • 113
  • 145
16
votes
3 answers

Can't delete cookie with AngularJS's $cookies

My web app is made so that when a user logs in the server adds a Set-Cookie header to the response, like this: Set-Cookie:JSESSIONID=1; Path=/myApp/; Secure On logout I try to delete this cookie on the client (browser), as I don't care if the…
Joe Dyndale
  • 1,073
  • 1
  • 15
  • 32
16
votes
5 answers

Is a PHP Session acceptable with the new UK cookie law?

I am just looking for some advice on the new UK Cookie Law and how it affects PHP sessions. I understand that you do not need the users to opt in when a cookie is "strictly necessary" and the example given is adding an item to a shopping cart. I am…
Ian Jamieson
  • 4,376
  • 2
  • 35
  • 55
15
votes
3 answers

How does Cloudflare detect that I am a bot even though I have provided the cf_clearance cookie?

How does Cloudflare even know that this request came from a script even if I provided all the data, cookies and parameters when making a normal request? What does it check for? Am I doing something wrong? For example (I have redacted some of the…
Anm
  • 447
  • 4
  • 15
15
votes
2 answers

Why Base64 is used in JWTs?

I am trying to understand JSON Web Tokens and got to learn that Base64 is the encoding used in them. As base64 can be decoded easily, my question is why to use them. Why not use a one-way hash function to generate the token? Please spare me if the…
abi24m
  • 161
  • 1
  • 1
  • 5
15
votes
1 answer

Logging on ISP Config broke my PHP sessions and cookies forever

To explain my problem I have to add some context info: We have a website, it works with sessions and has been working for 7 years with no problems, except for our server administrator, he can not login, and we never knew why... until now... Our…
stramin
  • 2,183
  • 3
  • 29
  • 58
15
votes
1 answer

Session management in Next.js

I am using nextjs in my reactjs project. In nextjs the getInitialProps() is called on the serverend for the first page load, and because of that we cannot access the localstorage to get sessions. How can we manage sessions properly with nextjs.
Sarfraz
  • 425
  • 2
  • 5
  • 19
15
votes
1 answer

How do you change the Play 2.1! Framework session cookie name

How do I configure the namne of the SESSION cookie in Play 2.1? By default Play seems to create a cookie called 'PLAY_SESSION'. How can I customise the name? Thanks
James Leyton
  • 171
  • 5
14
votes
7 answers

How to delete/unset a cookie on php?

I want to unset/delete my existing cookie with this: setcookie ("user", "", time()-1); unset($user); But cookies can not be deleted or unset. So what is problem?
Someone
  • 736
  • 2
  • 12
  • 29
14
votes
3 answers

How do I set HttpOnly cookie in Django?

How do I set HttpOnly cookie in Django? And is it worth the effort to prevent XSS?
Aviah Laor
  • 3,620
  • 2
  • 22
  • 27
14
votes
2 answers

Setting Node.js Express session expiration time in SessionStore in stead of in cookie

Everything I can find on Express Sessions expiring times is about setting the cookie. session.cookie.expires = null; // Browser session cookie session.cookie.expires = 7 * 24 * 3600 * 1000; // Week long cookie But the expire date of cookies is…
Redsandro
  • 11,060
  • 13
  • 76
  • 106
14
votes
2 answers

How to add to Azure Session Cookies HttpOnly and Secure attributes

In my ASP.NET MVC 4 application I use a third-party service. And one of the service's terms of use is adding to all session cookies HttpOnly and Secure attributes. WebSite hosted on Windows Azure and works on SSL. I added to root web.config the…
pryabov
  • 702
  • 2
  • 7
  • 23
14
votes
1 answer

Javascript cookie without a leading dot

I want to clear a cookie using javascript that was originally created server-side. Whenever I create a cookie using javascript I get a leading dot on my domain so I cannot overwrite the server's cookie. function clearCookie(name, domain, path){ …
afemath
  • 181
  • 1
  • 6
14
votes
4 answers

No Session Cookies on Internet Explorer 9 AJAX requests

Internet Explorer 9 is not sending session cookies with my AJAX requests. When I issue an authentication request to my API via AJAX, it returns a response that sets a session cookie. Subsequent calls to the API via AJAX do not send the cookie back…
Not Specified
  • 191
  • 2
  • 7
1 2 3
99 100