Web Proxy Filtering and Caching / struggling to properly set the httponly cookie headers
« on: March 28, 2022, 04:19:57 am »
Hello OPNsensers,
I created a small nginx-based web application for my last I.T class homework.
During the login process, I declare a few primary sessions in my code such as:
$_SESSION['user']=$user;
Then I declared the cookie set header right underneath such as
setcookie("user", $user, ['httponly' => true, 'samesite'=>'Strict']);
But for sure I'm doing something wrong.
When I checked other web applications, they show something like this:
set-cookie
b=nil;max-age=0;path=/;domain=nameofthewebsite.com
In my case, it displays something like this:
Cookie
PHPSESSID=d9peo0453gog94jtn94jgn949 - user=username
This shows as well: Upgrade-Insecure-Request 1
Can someone please guide me to make sure my web application is secured enough?
It should not be such a big deal I guess
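
An added example, not part of the original post: attributes such as HttpOnly and SameSite appear only in the response's Set-Cookie header, while the request's Cookie header carries bare name=value pairs, so the response is the place to check them. This Python sketch audits constructed sample headers; the function names and all sample values are assumptions.

```python
# Added example: audit Set-Cookie response headers for missing security attributes.
# All header lines below are constructed samples, not captured from a real application.

REQUIRED = ("httponly", "secure", "samesite")

SAMPLE_RESPONSE = """\
HTTP/1.1 200 OK
Content-Type: text/html; charset=UTF-8
Set-Cookie: PHPSESSID=EXAMPLESESSIONID; path=/
Set-Cookie: user=username; HttpOnly; SameSite=Strict
Set-Cookie: prefs=dark; Path=/; Secure; HttpOnly; SameSite=Lax
"""

# What the browser sends back: names and values only, no attributes to inspect.
SAMPLE_REQUEST = "Cookie: PHPSESSID=EXAMPLESESSIONID; user=username"


def parse_set_cookie(value):
    """Split one Set-Cookie value into (name, {attribute: value}), attribute names lowercased."""
    parts = [p.strip() for p in value.split(";") if p.strip()]
    name, _, _ = parts[0].partition("=")
    attrs = {}
    for part in parts[1:]:
        key, _, val = part.partition("=")
        attrs[key.strip().lower()] = val.strip()
    return name.strip(), attrs


def audit_response(raw_headers):
    """Return {cookie_name: [missing attributes]} for each Set-Cookie line in a raw header block."""
    findings = {}
    for line in raw_headers.splitlines():
        field, sep, value = line.partition(":")
        if not sep or field.strip().lower() != "set-cookie":
            continue  # status line, other headers, and request "Cookie:" lines are skipped
        name, attrs = parse_set_cookie(value)
        findings[name] = [a for a in REQUIRED if a not in attrs]
    return findings


if __name__ == "__main__":
    for cookie, missing in audit_response(SAMPLE_RESPONSE).items():
        print(f"{cookie}: {'OK' if not missing else 'missing ' + ', '.join(missing)}")
    print("request header findings:", audit_response(SAMPLE_REQUEST))
```

The PHPSESSID cookie is issued by PHP's session handling, so its flags come from session.cookie_httponly, session.cookie_secure and session.cookie_samesite (or session_set_cookie_params() called before session_start()), not from the setcookie() call for the user cookie.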