Richard Lynch wrote:

>But Cookies sent to the HTTPS are not on the HTTP and vice versa.
>That ain't PHP, that's just how cookies work.

Are you sure about this? That's definitely not how the specification 
reads (assuming I'm interpreting what you're trying to say correctly), 
and that is not what my experience has shown either.

A secure cookie will only be transmitted when the request is being sent 
over a secure connection, but an ordinary cookie does not carry this 
restriction and would thus not care whether the connection was secure. 
As someone else suggested, if the domain name is changing, then that is 
the access restriction that is keeping the cookie from being sent, not 
whether the connection is secure.

Happy hacking.


PHP General Mailing List (
To unsubscribe, visit:

Reply via email to