Do you set your cookies using a domain wildcard? .yourdomain.com instead of yourdomain.com or www.yourdomain.com
I also use a rewrite rule to force the https for specific pages and not for others. -- Shaun Webster On Apr 1, 2010, at 9:01 AM, Paul Alkema wrote: > > Hmm.. I don't think this is correct. My site doesn't pass tokens in order to > keep session variables or cookies. > > When a user first lands on my http site, I set sessions/cookies and pass > them to our cart which is https and both of them are transferred just fine > and I don't pass any type cf tokens. > > I don't know if it makes a difference but I use 128 bit High-grade > Encryption. > > Now... yoursite.com vs www.yoursite.com is a different issue. That is seen > by most browsers as being different sites and doesn't allow you to pass > cookies to between the two sites. > > Paul Alkema > http://www.alkemadesigns.com/ > > > -----Original Message----- > From: Jason Fisher [mailto:[email protected]] > Sent: Wednesday, March 31, 2010 10:49 PM > To: cf-talk > Subject: Re: What happens to session variables after redirecting to https? > > > No, from a cookie perspective, http://mysite.com and https://mysite.com > are 2 different domains, so you need to send the session tokens across > the gap. Any of a number of approaches can work, but here's the quick > and dirty: > > <cflocation url="https://#mySecureURL#"; addtoken="yes" /> > > Or, if you are using some other redirection, you can append the > following to the URL: > > &cfid=#cookie.cfid#&cftoken=#cookie.cftoken# > > (Note that the nomenclature is different if you're using Java session IDs.) > > > > ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~| Want to reach the ColdFusion community with something they want? Let them know on the House of Fusion mailing lists Archive: http://www.houseoffusion.com/groups/cf-talk/message.cfm/messageid:332519 Subscription: http://www.houseoffusion.com/groups/cf-talk/subscribe.cfm Unsubscribe: http://www.houseoffusion.com/groups/cf-talk/unsubscribe.cfm
