Reputation: 189
php.ini session.cookie_domain - what to put?
what should I put in session.cookie_domain in my php.ini file?
my domain is: https://www.domain.com (with https and www)
I see people put just domain.com. what should i put if i have https and www?
here is the code im referring to:
; The domain for which the cookie is valid.
; http://php.net/session.cookie-domain
session.cookie_domain =
Upvotes: 2
Views: 2348
Answers (2)
Reputation: 18950
I wanted to reiterate and add some references to the PHP runtime configuration documentation since this is indeed easy to miss:
The session_set_cookie_params documentation states in the Parameters section:
domain
Cookie domain, for example 'www.php.net'. To make cookies visible on all subdomains *then the domain must be prefixed with a dot like '.php.net'.
So, we can defer that .php.net allows all subdomains *.php.net which also includes http://php.net.
Upvotes: 0
Reputation: 36924
domain.commean only//domain.com..domain.commean//domain.combut also//www.domain.comor//subdomain.domain.comIf you want to send the cookie only over secure connections (https), enable the
session.cookie_secureoption. Otherwise the cookie will be set even if you're using thehttpprotocol.
Upvotes: 2
Related Questions
- more than 1 session.cookie_domain in php.ini
- PHP / Apache how to set session.cookie_domain from outside php.ini
- PHP Cookies for multiple Domains
- php.ini set session cookie secure
- PHP Multi-Domain Sessions; ini_set Not Working?
- Proper use of session_start() with session.cookie_domain
- Why are there 2 places to set session.cookie_lifetime in php.ini
- php cookie with domain parameter
- session.cookie_domain in php.ini - issues with POSTing forms
- Difference between Host and Domain in Cookie parameters PHP