Cant login to backend with Set-Cookie HttpOnly;Secure

This forum has moved to a new location and is in read-only mode. Please visit talk.octobercms.com to access the new location.

Troiscent

8 years ago

Hello,

I'm trying to use october cms in a full https environment, and I try to get the perfect score to Dareboost.

It seems to be a good practice to define the following header :

Header always set Set-Cookie HttpOnly;Secure

The problem is that I can't connect to backend anymore if I do that.

To reproduce the problem, you have to clear all your cookies before trying, because if you already connected successfully before, it works (probably cause the cookie is already on you computer and the problem come from the cookie creation).

Any ideas to fix the problem, is it a real october issue or did I miss something ?

Thanks

Alex

1-1 of 1

You cannot edit posts or make replies: the forum has moved to talk.octobercms.com.

Latest from the blog

What's New in October CMS v4!

October CMS version 4 is here. This release focuses on stability, modern tooling, and a better experience for developers and users alike. Below are the key highlights and changes you'll find in this major update.

Continue reading →