Announcement

Collapse
No announcement yet.

SetCookie Question

Collapse
X
 
  • Filter
  • Time
  • Show
Clear All
new posts

    SetCookie Question

    I am setting a cookie in a module. Cookie is meant to track an id until an order is placed or will expire in few hours. When the order is placed I need to clear or expire the cookie -- presumably on the INVC page. I was attempting to use SMT to adjust the cookie on the INVC template. But, the cookie won't update. I am looking to figure out how.

    I've noticed that the cookie is created with HttpOnly =1 ( per the LSK) by default. This seems to be my roadblock. I am thinking a possible solution is to set the HttpOnly =0 when creating the cookie.

    I only need this cookie for a short duration. But HttpOnly prevents other client side scripts from changing the values and properties. I'd like to now violate this capability. Especially if it's a PCI compliance feature that should be maintained.

    Might I expire the cookie from the same module during the Fulfillment feature instead of SMT?

    Thanks,

    Scott
    Need to offer Shipping Insurance?
    Interactive Design Solutions https://www.myids.net
    MivaMerchant Business Partner | Certified MivaMerchant Web Developer
    Competitive Rates, Custom Modules and Integrations, Store Integration
    AutoBaskets|Advanced Waitlist Integration|Ask about Shipping Insurance Integration
    My T-shirt Collection is mostly MivaCon T-shirts!!

    #2
    The httponly flag means the cookie was set by the server and can only be modified by the server (not clientside)

    If you are using a module you can delete the cookie by setting the expiration date of the cookie to any time in the past. Here is a template code example but these same functions can be called by your module:


    http://docs.miva.com/code-samples/set-cookie
    Brennan Heyde
    VP Product
    Miva, Inc.
    [email protected]
    https://www.miva.com

    Comment

    Working...
    X