Ok that’s all I wanted to know. Thanks.
-----Original Message----- From: Miles J [mailto:[email protected]] Sent: October-13-09 1:40 PM To: CakePHP Subject: Re: Session / Security It only applies to the domain (name.com) not the whole shared vhosts grid server. On Oct 13, 8:42 am, "Dave Maharaj :: WidePixels.com" <[email protected]> wrote: > Hey AD, > > Maybe (probably) I am lost on what I read. > > I have my domain on a non dedicated hosting platform. But the only > thing in my domain is my site. > I thought what I read about "If the cookie's path is set to '/' (the > whole domain), then any website on the same domain (might be lots of > websites) _will_ get the cookie through HTTP headers and could > possibly hijack your session." > > Are thy referring to the server domain or my domain? My understanding > is shared hosting all points to specific ips for that host and then > they serve up the domain the user requested. > > So when someone requests my site they go to 123.123.12.12 for example > and they send back my site to the user. The cookie set to '/' is that > for mysite.com or 123.123.12.12. > > Maybe just lost n the trasnlation. > > Thanks, > > Dave > > -----Original Message----- > From: AD7six [mailto:[email protected]] > Sent: October-13-09 11:24 AM > To: CakePHP > Subject: Re: Session / Security > > On 13 oct, 15:48, "Dave Maharaj :: WidePixels.com" > <[email protected]> wrote: > > Thanks for the links > > > I am on shared hosted server and found when reading > > > "If the cookie's path is set to '/' (the whole domain), then any > > website on the same domain (might be lots of websites) _will_ get > > the cookie through HTTP headers and could possibly hijack your session." > > > How can this be avoided in this a situation with shared hosting or not? > > in what way is using shared hosting relevant to that question, you > plan on/are sharing the same domain with servers/people you don't know? > > AD --~--~---------~--~----~------------~-------~--~----~ You received this message because you are subscribed to the Google Groups "CakePHP" group. To post to this group, send email to [email protected] To unsubscribe from this group, send email to [email protected] For more options, visit this group at http://groups.google.com/group/cake-php?hl=en -~----------~----~----~----~------~----~------~--~---
