Re: [WebDNA] Secure Cookies

This WebDNA talk-list message is from

2020


It keeps the original formatting.
numero = 114999
interpreted = N
texte = 2627 --00000000000074bd68059d82cd9c Content-Type: text/plain; charset="UTF-8" Stuart, Hi - just looking again at my code for WebDNA cookies: https://www.revolutionaries.ie/testspace/cookie/ Cookie: [getcookie name=testCookie]
- domain is specified so the cookie should be accessible by subdomains. [setcookie [!] [/!]name=testCookie[!] [/!]&value=[url]testValue[/url][!] [/!]&domain=[thishost][!] [/!]&httponly=T[!] [/!]&path=/[!] [/!][showif [url][thisport][/url]=443]&secure=T[/showif][!] [/!]&samesite=strict[!] [/!]] Cookie: [getcookie name=testCookieHostOnly]
- domain is NOT specified so HostOnly flag should be set, the cookie should not be accessible by subdomains. [setcookie [!] [/!]name=testCookieHostOnly[!] [/!]&value=[url]testValueHostOnly[/url][!] [/!]&httponly=T[!] [/!]&path=/[!] [/!][showif [url][thisport][/url]=443]&secure=T[/showif][!] [/!]&samesite=strict[!] [/!]] I include the 'samesite' value in the hope it will be supported in the future. - Tom On Fri, 31 Jan 2020 at 22:18, wrote: > Sat here about to face the same; echoing those questions.. > > > > *From:* talk@webdna.us > *Sent:* Friday, January 31, 2020 10:07 PM > *To:* WebDNA Talk List > *Subject:* [WebDNA] Secure Cookies > > > > Reading through the docs re cookies: http://webdna.us/page.dna?numero=180 > > > > The docs note: > > (optional) HttpOnly should be T, *just like Secure*. It adds a HttpOnly > to the cookie, and treats everything else as a F. > > > > However there is no mention on how to set a *SECURE* cookie > > > > Question: How do I ensure that a cookie is SECURELY set ? > > > > What version is required to set SECURE cookies ? > > > > > > Kind regards > > > > Stuart Tremain > > Pharoah Lane Software > > AUSTRALIA > > webdna@plsoftware.com.au > > > > > > > > > > > > > > --------------------------------------------------------- This message is > sent to you because you are subscribed to the mailing list talk@webdna.us > To unsubscribe, E-mail to: talk-leave@webdna.us archives: > http://www.webdna.us/page.dna?numero=55 Bug Reporting: support@webdna.us > --------------------------------------------------------- This message is > sent to you because you are subscribed to the mailing list talk@webdna.us > To unsubscribe, E-mail to: talk-leave@webdna.us archives: > http://www.webdna.us/page.dna?numero=55 Bug Reporting: support@webdna.us --00000000000074bd68059d82cd9c Content-Type: text/html; charset="UTF-8" Content-Transfer-Encoding: quoted-printable
Stuart,

Hi - just looking again at my code for= WebDNA cookies:


Cookie: [getcookie name=3DtestCookie]<= /br />
- domain is specified so the cookie should be accessibl= e by subdomains.

[setcookie [!]
[/!]name=3D= testCookie[!]
[/!]&value=3D[url]testValue[/url][!]
<= span class=3D"gmail-Apple-tab-span" style=3D"white-space:pre">[/= !]&domain=3D[thishost][!]
[/!]&httponly=3DT[!]
<= span class=3D"gmail-Apple-tab-span" style=3D"white-space:pre">[/= !]&path=3D/[!]
[/!][showif [url][thisport][/url]=3D443]&se= cure=3DT[/showif][!]
[/!]&samesite=3Dstrict[!]
[/!]]=



Cookie: [getcookie name=3Dt= estCookieHostOnly]</br />
- domain is NOT specified so Host= Only flag should be set, the cookie should not be accessible by subdomains.=

[setcookie [!]
[/!]name=3DtestCookieHostOnl= y[!]
[/!]&value=3D[url]testValueHostOnly[/url][!]
[/!= ]&httponly=3DT[!]
[/!]&path=3D/[!]
[/!][showif = [url][thisport][/url]=3D443]&secure=3DT[/showif][!]
[/!]&s= amesite=3Dstrict[!]
[/!]]

I include= =C2=A0the 'samesite' value in the=C2=A0hope it will be supported in= the future.

- Tom

On= Fri, 31 Jan 2020 at 22:18, <talk@webd= na.us> wrote:

Sat here about to face the same; echoing those= questions..

=C2=A0

From: talk@webdna= ..us <talk@webdna= ..us>
Sent: Friday, January 31, 2020 10:07 PM
To: WebDNA Talk List <talk@webdna.us>
Subject: [WebDNA] Secure Cookies

=C2=A0

Reading through the docs re cookies:=C2=A0http://webdna.us= /page.dna?numero=3D180

=C2=A0

The docs note:

(optional) HttpOnly should be T, just like Sec= ure. It adds a HttpOnly to the cookie, and treats everything else a= s a F.

=C2=A0

However there is no mention on how to set a SE= CURE cookie

=C2=A0

Question: =C2=A0How do I ensure that a cookie is SEC= URELY set ?

=C2=A0

What version is required to set SECURE cookies ?<= /u>

=C2=A0

=C2=A0

Kind regards

=C2=A0

Stuart Tremain=

Pharoah Lane Software=

AUSTRALIA<= /span>

=C2=A0

=C2=A0

=C2=A0

=C2=A0

=C2=A0

=C2=A0

----------------------------------------------------= ----- This message is sent to you because you are subscribed to the mailing= list talk@webdna.us To u= nsubscribe, E-mail to: talk-leave@webdna.us archives: http://www.webdna.us/page.dna?numero=3D55 Bug Reporting: support@webdna.us

--------------------------------------------------------- This message is sent to you because you are subscribed to the mailing list talk@w= ebdna.us To unsubscribe, E-mail to: talk-leave@webdna.us archives: http://www.webdna.us/page.dna?numero=3D55 Bug Reporting: suppo= rt@webdna.us
--------------------------------------------------------- This message is sent to you because you are subscribed to the mailing list talk@webdna.us To unsubscribe, E-mail to: talk-leave@webdna.us archives: http://www.webdna.us/page.dna?numero=3D55 Bug Reporting: support@webdna.us --00000000000074bd68059d82cd9c-- . Associated Messages, from the most recent to the oldest:

    
  1. RE: [WebDNA] Secure Cookies ("Scott @ Itsula" 2020)
  2. Re: [WebDNA] Secure Cookies (christophe.billiottet@webdna.us 2020)
  3. Re: [WebDNA] Secure Cookies (Stuart Tremain 2020)
  4. Re: [WebDNA] Secure Cookies (Brian Harrington 2020)
  5. Re: [WebDNA] Secure Cookies (Stuart Tremain 2020)
  6. RE: [WebDNA] Secure Cookies ("Scott @ Itsula" 2020)
  7. Re: [WebDNA] Secure Cookies (Tom Duke 2020)
  8. RE: [WebDNA] Secure Cookies ("Scott @ Itsula" 2020)
  9. Re: [WebDNA] Secure Cookies (Tom Duke 2020)
  10. Re: [WebDNA] Secure Cookies (christophe.billiottet@webdna.us 2020)
  11. Re: [WebDNA] Secure Cookies (Stuart Tremain 2020)
  12. Re: [WebDNA] Secure Cookies (christophe.billiottet@webdna.us 2020)
  13. Re: [WebDNA] Secure Cookies (Stuart Tremain 2020)
  14. Re: [WebDNA] Secure Cookies (Tom Duke 2020)
  15. RE: [WebDNA] Secure Cookies ("Scott @ Itsula" 2020)
  16. [WebDNA] Secure Cookies - Further reading (Stuart Tremain 2020)
  17. [WebDNA] Secure Cookies (Stuart Tremain 2020)
  18. Re: [WebDNA] Secure cookies (HttpOnly/Secure) ("Dan Strong" 2013)
  19. Re: [WebDNA] Secure cookies (HttpOnly/Secure) (Tom Duke 2013)
  20. Re: [WebDNA] Secure cookies (HttpOnly/Secure) (WebDNA 2013)
  21. [WebDNA] Secure cookies (HttpOnly/Secure) ("Dan Strong" 2013)
  22. Re: [WebDNA] Secure Cookies (Tom Duke 2009)
  23. Re: [WebDNA] Secure Cookies (Tom Duke 2009)
  24. Re: [WebDNA] Secure Cookies (William DeVaul 2009)
  25. Re: [WebDNA] Secure Cookies (Tom Duke 2009)
  26. Re: [WebDNA] Secure Cookies (Frank Nordberg 2009)
  27. Re: [WebDNA] Secure Cookies (Govinda 2009)
  28. Re: [WebDNA] Secure Cookies ("Terry Wilson" 2009)
  29. Re: [WebDNA] Secure Cookies (William DeVaul 2009)
  30. Re: [WebDNA] Secure Cookies (William DeVaul 2009)
  31. Re: [WebDNA] Secure Cookies (Stuart Tremain 2009)
  32. Re: [WebDNA] Secure Cookies (Donovan Brooke 2009)
  33. Re: [WebDNA] Secure Cookies (Stuart Tremain 2009)
  34. Re: [WebDNA] Secure Cookies ("Terry Wilson" 2009)
  35. Re: [WebDNA] Secure Cookies (Stuart Tremain 2009)
  36. Re: [WebDNA] Secure Cookies (William DeVaul 2009)
  37. [WebDNA] Secure Cookies (Stuart Tremain 2009)
2627 --00000000000074bd68059d82cd9c Content-Type: text/plain; charset="UTF-8" Stuart, Hi - just looking again at my code for WebDNA cookies: https://www.revolutionaries.ie/testspace/cookie/ Cookie: [getcookie name=testCookie]
- domain is specified so the cookie should be accessible by subdomains. [setcookie [!] [/!]name=testCookie[!] [/!]&value=[url]testValue[/url][!] [/!]&domain=[thishost][!] [/!]&httponly=T[!] [/!]&path=/[!] [/!][showif [url][thisport][/url]=443]&secure=T[/showif][!] [/!]&samesite=strict[!] [/!]] Cookie: [getcookie name=testCookieHostOnly]
- domain is NOT specified so HostOnly flag should be set, the cookie should not be accessible by subdomains. [setcookie [!] [/!]name=testCookieHostOnly[!] [/!]&value=[url]testValueHostOnly[/url][!] [/!]&httponly=T[!] [/!]&path=/[!] [/!][showif [url][thisport][/url]=443]&secure=T[/showif][!] [/!]&samesite=strict[!] [/!]] I include the 'samesite' value in the hope it will be supported in the future. - Tom On Fri, 31 Jan 2020 at 22:18, wrote: > Sat here about to face the same; echoing those questions.. > > > > *From:* talk@webdna.us > *Sent:* Friday, January 31, 2020 10:07 PM > *To:* WebDNA Talk List > *Subject:* [WebDNA] Secure Cookies > > > > Reading through the docs re cookies: http://webdna.us/page.dna?numero=180 > > > > The docs note: > > (optional) HttpOnly should be T, *just like Secure*. It adds a HttpOnly > to the cookie, and treats everything else as a F. > > > > However there is no mention on how to set a *SECURE* cookie > > > > Question: How do I ensure that a cookie is SECURELY set ? > > > > What version is required to set SECURE cookies ? > > > > > > Kind regards > > > > Stuart Tremain > > Pharoah Lane Software > > AUSTRALIA > > webdna@plsoftware.com.au > > > > > > > > > > > > > > --------------------------------------------------------- This message is > sent to you because you are subscribed to the mailing list talk@webdna.us > To unsubscribe, E-mail to: talk-leave@webdna.us archives: > http://www.webdna.us/page.dna?numero=55 Bug Reporting: support@webdna.us > --------------------------------------------------------- This message is > sent to you because you are subscribed to the mailing list talk@webdna.us > To unsubscribe, E-mail to: talk-leave@webdna.us archives: > http://www.webdna.us/page.dna?numero=55 Bug Reporting: support@webdna.us --00000000000074bd68059d82cd9c Content-Type: text/html; charset="UTF-8" Content-Transfer-Encoding: quoted-printable
Stuart,

Hi - just looking again at my code for= WebDNA cookies:


Cookie: [getcookie name=3DtestCookie]<= /br />
- domain is specified so the cookie should be accessibl= e by subdomains.

[setcookie [!]
[/!]name=3D= testCookie[!]
[/!]&value=3D[url]testValue[/url][!]
<= span class=3D"gmail-Apple-tab-span" style=3D"white-space:pre">[/= !]&domain=3D[thishost][!]
[/!]&httponly=3DT[!]
<= span class=3D"gmail-Apple-tab-span" style=3D"white-space:pre">[/= !]&path=3D/[!]
[/!][showif [url][thisport][/url]=3D443]&se= cure=3DT[/showif][!]
[/!]&samesite=3Dstrict[!]
[/!]]=



Cookie: [getcookie name=3Dt= estCookieHostOnly]</br />
- domain is NOT specified so Host= Only flag should be set, the cookie should not be accessible by subdomains.=

[setcookie [!]
[/!]name=3DtestCookieHostOnl= y[!]
[/!]&value=3D[url]testValueHostOnly[/url][!]
[/!= ]&httponly=3DT[!]
[/!]&path=3D/[!]
[/!][showif = [url][thisport][/url]=3D443]&secure=3DT[/showif][!]
[/!]&s= amesite=3Dstrict[!]
[/!]]

I include= =C2=A0the 'samesite' value in the=C2=A0hope it will be supported in= the future.

- Tom

On= Fri, 31 Jan 2020 at 22:18, <talk@webd= na.us> wrote:

Sat here about to face the same; echoing those= questions..

=C2=A0

From: talk@webdna= ..us <talk@webdna= ..us>
Sent: Friday, January 31, 2020 10:07 PM
To: WebDNA Talk List <talk@webdna.us>
Subject: [WebDNA] Secure Cookies

=C2=A0

Reading through the docs re cookies:=C2=A0http://webdna.us= /page.dna?numero=3D180

=C2=A0

The docs note:

(optional) HttpOnly should be T, just like Sec= ure. It adds a HttpOnly to the cookie, and treats everything else a= s a F.

=C2=A0

However there is no mention on how to set a SE= CURE cookie

=C2=A0

Question: =C2=A0How do I ensure that a cookie is SEC= URELY set ?

=C2=A0

What version is required to set SECURE cookies ?<= /u>

=C2=A0

=C2=A0

Kind regards

=C2=A0

Stuart Tremain=

Pharoah Lane Software=

AUSTRALIA<= /span>

=C2=A0

=C2=A0

=C2=A0

=C2=A0

=C2=A0

=C2=A0

----------------------------------------------------= ----- This message is sent to you because you are subscribed to the mailing= list talk@webdna.us To u= nsubscribe, E-mail to: talk-leave@webdna.us archives: http://www.webdna.us/page.dna?numero=3D55 Bug Reporting: support@webdna.us

--------------------------------------------------------- This message is sent to you because you are subscribed to the mailing list talk@w= ebdna.us To unsubscribe, E-mail to: talk-leave@webdna.us archives: http://www.webdna.us/page.dna?numero=3D55 Bug Reporting: suppo= rt@webdna.us
--------------------------------------------------------- This message is sent to you because you are subscribed to the mailing list talk@webdna.us To unsubscribe, E-mail to: talk-leave@webdna.us archives: http://www.webdna.us/page.dna?numero=3D55 Bug Reporting: support@webdna.us --00000000000074bd68059d82cd9c-- . Tom Duke

DOWNLOAD WEBDNA NOW!

Top Articles:

Talk List

The WebDNA community talk-list is the best place to get some help: several hundred extremely proficient programmers with an excellent knowledge of WebDNA and an excellent spirit will deliver all the tips and tricks you can imagine...

Related Readings:

F3 crashing server (1997) Sku numbers (1997) [WebDNA] unused database fields. . . . (2014) presetting a [math] var not working (2000) Math variable size-dumb question (1999) Database Options (1997) day of year (2001) show all problem (1997) SandBox and ImageMagick (2003) Use of Back and Reload Buttons on ShoppingCart page? (1997) New servers and new inline cache (1997) wierd [cart] action! (1997) WebTen and WebCat (1997) Sorting by date (1997) Summing fields (1997) problems with 2 tags (1997) Sendmail Question (2001) PCS Emailer's role ? (1997) form data submission gets truncated (1997) WebCat2b12 - nesting [tags] (1997)