Whats the recommended way to set httponly and secure flags on the PHPSESSID cookie?
I found http://www.php.net/manual/en/session.configuration.php#ini.session.cookie-httponly. Any better suggestions?
thanks
ini_set('session.cookie_httponly', 1);
more information here on the PHP docs
1.4m articles
1.4m replys
5 comments
57.0k users