SESCOOKIENOSEC (JANUS DEFINE parameter): Difference between revisions
Jump to navigation
Jump to search
mNo edit summary |
m (remove displaytitle) |
||
(6 intermediate revisions by 2 users not shown) | |||
Line 1: | Line 1: | ||
<span class="pageSubtitle">Send the session cookie 'unsecured'</span> | |||
<span class="pageSubtitle" | |||
<var>SESCOOKIENOSEC</var> is a parameter on [[JANUS DEFINE]], which defines and sets characteristics of a Janus port | <var>SESCOOKIENOSEC</var> is a parameter on <var>[[JANUS DEFINE]]</var>, which defines and sets characteristics of a Janus port. | ||
Indicates that the cookie specified by <var>[[SESCOOKIE (JANUS DEFINE parameter)|SESCOOKIE]]</var> will not be sent to the browser as a "secure" cookie. This makes it possible with some browsers in certain situations to use the <var>SESCOOKIE</var> cookie to have a logical session operate over multiple | Indicates that the cookie specified by <var>[[SESCOOKIE (JANUS DEFINE parameter)|SESCOOKIE]]</var> will not be sent to the browser as a "secure" cookie. This makes it possible with some browsers in certain situations to use the <var>SESCOOKIE</var> cookie to have a logical session operate over multiple <var class="product">[[Janus Web Server]]</var> ports. | ||
'''Note:''' It is probably a bad idea to transmit a session cookie on a non-SSL connection, because someone who spies the session cookie can use it to perform trusted logins on the | <p class="note">'''Note:''' It is probably a bad idea to transmit a session cookie on a non-SSL connection, because someone who spies the session cookie can use it to perform trusted logins on the <var class="product">[[Janus Web Server]]</var> port (though such a person cannot determine any password associated with the session cookie). </p> | ||
<var>SESCOOKIENOSEC</var> is valid only for WEBSERV ports. | <var>SESCOOKIENOSEC</var> is valid only for <var>[[JANUS DEFINE#type|WEBSERV]]</var> ports. | ||
==See also== | ==See also== | ||
<ul> | <ul> | ||
<li>[[List of Janus commands]] | <li>[[List of Janus commands]] |
Latest revision as of 23:25, 7 June 2016
Send the session cookie 'unsecured'
SESCOOKIENOSEC is a parameter on JANUS DEFINE, which defines and sets characteristics of a Janus port.
Indicates that the cookie specified by SESCOOKIE will not be sent to the browser as a "secure" cookie. This makes it possible with some browsers in certain situations to use the SESCOOKIE cookie to have a logical session operate over multiple Janus Web Server ports.
Note: It is probably a bad idea to transmit a session cookie on a non-SSL connection, because someone who spies the session cookie can use it to perform trusted logins on the Janus Web Server port (though such a person cannot determine any password associated with the session cookie).
SESCOOKIENOSEC is valid only for WEBSERV ports.