新人请教https设置cookie httponly 和secrue的问题
新人想询问一下,安装了lnmpa的服务器,apache配置了https访问443端口,现在客户希望 All cookies must have the “secure” and “httpOnly” flags set所以根据网上找到的资料,在http-ssl.conf 设置了一句 Header always edit Set-Cookie (.*) "$1; HTTPOnly"
但是发现并没成功,想询问一下应该如何设置 Header edit Set-Cookie ^(.*)$ $1;HttpOnly;Secure 或
Header always edit Set-Cookie (.*) "$1; HTTPOnly; Secure"
应该可以
页:
[1]