Cookie httponly accessible when I make ajax php queries? -
I have been asked before, but I need some explanation and confirmation. I have been told that to prevent XS, use only http to create cookies.
So my explanation is whether I use alone, will my PHP scripts be accessed via AJAX request, still my active php session default: phpssessid) and my $ _SESSION variable Retrieve?
The thing is that I have not designed with the httponly option only and I am concerned that this option will affect the design of the script anyhow. / P>
Thanks!
I'm not sure that I'm getting the question, but here's a knife: In the same way you will need to set up the session as you did on your main page. For example, I have only one file in which I am included in "My main page" and anything else from that page Calling using AJAX.
Then, above my index.php
The only thing on top of my ajax_helper.php file
Mysql startup commands in db.php file, session_start and anything else that would be normal for all pages on the site. In this way, the session works anywhere.
I hope that makes sense and answers your question
Comments
Post a Comment