Cookie httponly accessible when I make ajax php queries? -


I have been asked before, but I need some explanation and confirmation. I have been told that to prevent XS, use only http to create cookies.

So my explanation is whether I use alone, will my PHP scripts be accessed via AJAX request, still my active php session default: phpssessid) and my $ _SESSION variable Retrieve?

The thing is that I have not designed with the httponly option only and I am concerned that this option will affect the design of the script anyhow. / P>

Thanks!

I'm not sure that I'm getting the question, but here's a knife: In the same way you will need to set up the session as you did on your main page. For example, I have only one file in which I am included in "My main page" and anything else from that page Calling using AJAX.

Then, above my index.php

   

The only thing on top of my ajax_helper.php file

   

Mysql startup commands in db.php file, session_start and anything else that would be normal for all pages on the site. In this way, the session works anywhere.

I hope that makes sense and answers your question


Comments

Popular posts from this blog

c# - sqlDecimal to decimal clr stored procedure Unable to cast object of type 'System.Data.SqlTypes.SqlDecimal' to type 'System.IConvertible' -

Calling GetGUIThreadInfo from Outlook VBA -

Obfuscating Python code? -