As we're on a securit=y thing at the moment, I was trying to work out how best to set session coo=kies. =C2=A0Here's what's working for me (WebDNA 6.2 on CentOS).
- Tom
On the 'login template' where the users username/pa=ssword are checked:
[!]
-----------------------------------
### =C2=A0Set session cookie and redirect =to dashboard =C2=A0###
[/!][setcookie name=3Dsession-cookie&value=3D[url][=url][encrypt seed=3Dsecret-seed][cart][/encrypt][/url][/url]&path=3D/&a=mp;domain=3D[grep search=3Dwww&replace=3D][getmimeheader name=3Dhost][/=grep]&secure=3DT][!]
[/!][redirect /dashboard.tmpl?v=3Dlogon]
On the 'dasboard template':
[!]
----------------------------=--------
### =C2=A0Reset ses=sion cookie with HttpOnly option =C2=A0###
[/!][sh=owif [v]=3Dlogon][!]
=[/!][setmimeheader name=3DSet-Cookie&value=3Dsession-cookie=3D[u=rl][url][getcookie name=3Dsession-cookie][/url][/url]; path=3D/; domain=3D[=grep search=3Dwww&replace=3D][getmimeheader name=3Dhost][/grep]; secure=; HttpOnly][!]
[/!][/showif]
=
On the 'logout template':
[!]
------------------------------------
### =C2=A0Clear ses=sion cookie =C2=A0###
[/!][setcookie name=3Dsessio=n-cookie&value=3D&path=3D/&domain=3D[grep search=3Dwww&repl=ace=3D][getmimeheader name=3Dhost][/grep]&expires=3DThu, 01 Jan 1970 00=:00:00 GMT]
I ca=n't get the [setmimeheader] working on the 'logon template'. ==C2=A0 It seems the full page has to load, maybe that's the way it'=s meant to be?
--047d7bdca488d3e60104e7e0141b--
Associated Messages, from the most recent to the oldest:
--047d7bdca488d3e60104e7e0141bContent-Type: text/plain; charset=UTF-8Dan / Stuart,As we're on a security thing at the moment, I was trying to work out howbest to set session cookies. Here's what's working for me (WebDNA 6.2 onCentOS).- TomOn the 'login template' where the users username/password are checked:
[!]-----------------------------------### Set session cookie and redirect to dashboard ###[/!][setcookie name=session-cookie&value=
[url][url][encryptseed=secret-seed]
[cart][/encrypt][/url][/url]&path=/&domain=[grepsearch=www&replace=][getmimeheader name=host][/grep]&secure=T]
[!][/!][redirect /dashboard.tmpl?v=logon]On the 'dasboard template':
[!]------------------------------------ ### Reset session cookie with HttpOnly option ###[/!][showif [v]=logon]
[!][/!][setmimeheadername=Set-Cookie&value=session-cookie=
[url][url][getcookiename=session-cookie][/url][/url]; path=/; domain=[grepsearch=www&replace=][getmimeheader name=host][/grep]; secure; HttpOnly]
[!][/!][/showif]On the 'logout template':
[!]------------------------------------ ### Clear session cookie ###[/!][setcookie name=session-cookie&value=&path=/&domain=[grepsearch=www&replace=][getmimeheader name=host][/grep]&expires=Thu, 01 Jan1970 00:00:00 GMT]I can't get the
[setmimeheader] working on the 'logon template'. It seemsthe full page has to load, maybe that's the way it's meant to be?--047d7bdca488d3e60104e7e0141bContent-Type: text/html; charset=UTF-8Content-Transfer-Encoding: quoted-printable
Dan / Stuart,
As we're on a securit=y thing at the moment, I was trying to work out how best to set session coo=kies. =C2=A0Here's what's working for me (WebDNA 6.2 on CentOS).
- Tom
On the 'login template' where the users username/pa=ssword are checked:
-----------------------------------
### =C2=A0Set session cookie and redirect =to dashboard =C2=A0###
[/!][setcookie name=3Dsession-cookie&value=3D
[url][=url][encrypt seed=3Dsecret-seed]
[cart][/encrypt][/url][/url]&path=3D/&a=mp;domain=3D[grep search=3Dwww&replace=3D][getmimeheader name=3Dhost][/=grep]&secure=3DT]
[!][/!][redirect /dashboard.tmpl?v=3Dlogon]