PHP - Check if cookie was set with secure flag

Question

hopefully this is a straight forward question.

We are moving a site from http to https, the http site has some cookies set that allows a device access to certain areas. I have reworked the code to set the cookie with the secure flag so that it must be returned over HTTPS.

We have a couple of devices out and about that we can physically access but I need to change the cookie on them.

is there a way to check if a cookie has the secure flag set in php. I am hoping to retrieve the cookie check if the flag is set and if not, regenerate the cookie with the secure flag set.

is there a way to do that?

Answer 1

SET Secure Cookie: To set secure flag as in this post and PHP reference.

//php code to create secure cookie.    
bool setcookie ( string $name [, string $value = "" [, int $expire = 0 [, string $path = "" [, string $domain = "" [, bool $secure = false [, bool $httponly = false ]]]]]] )

You are after bool secure = true & httponly=false

Read if Cookie is secure:

and to check if its secure. refer to this post

Description

array session_get_cookie_params ( void ) Gets the session cookie parameters.

Return Values

Returns an array with the current session cookie information, the array contains the following items:

"lifetime" - The lifetime of the cookie in seconds. "path" - The path

where information is stored. "domain" - The domain of the cookie.

"secure" - The cookie should only be sent over secure connections.

"httponly" - The cookie can only be accessed through the HTTP protocol.

//php code to check if its secure
$CookieInfo = session_get_cookie_params();
var_dump($CookieInfo);
echo $CookieInfo['secure'];

This is also a useful post from other stack if you are after a single cookie.