Firefox 2.0.0.5 and httpOnly
Seems like a little something slipped under the radar in the latest release of everyone’s favorite browser (Firefox 2.0.0.5) – the introduction of httpOnly cookies. I know it’s not supported across the board, but it’s a step in the right direction.
As Alex mentions and includes a code snippet for, it’s as easy as setting a “httpOnly” parameter when creating the cookie to get it to work correctly.
What are httpOnly cookies? Well, the simple answer is that they protect your information in the cookie by making it inaccessible once they’ve been set so as to not allow other sites (or even the site that set it) to get at it. It can only be used when accessed by a HTTP request and *not* a script request.
Also, happily, PHP allows this to be set right along with the other parameters in setcookie as supported in PHP 5.2. No better time to upgrade, eh?
Search
PHPDeveloper.org
- Benjamin Eberlei’s Blog: Resources for a PHP and Hudson CI Integration
- CatsWhoCode.com: How to easily monitor your web server using PHP
- Xebee Blog: Test Driven Development with Zend Framework and PHPUnit
- Blue Parabola Blog: Lies, Damn Lies, and Statistics – Zend’s Drupal Benchmarks
- Internet.com: Passing Data Between PHP and JavaScript Using JSON (Video)
- Abhinav Singh’s Blog: MEMQ : Fast queue implementation using Memcached and PHP only
- Richard Thomas’ Blog: Solar Framework Shorts – The Road to Solar 1.0
Joind.in
Tagged
- Agile (2)
- Apache (1)
- Book Review (1)
- Community (39)
- cvs (3)
- Deployment (7)
- Development (8)
- General Internet (4)
- git (1)
- Microsoft (1)
- Personal (27)
- PHP (98)
- Presentation (2)
- rsync (1)
- Solar (10)
- Testing (1)
- Uncategorized (4)
- Web (15)
Microsoft invented this I think I remember someone else saying on their blog.