SESCOOKIENOSEC (JANUS DEFINE parameter): Difference between revisions

From m204wiki
Jump to navigation Jump to search
mNo edit summary
Line 4: Line 4:
SESCOOKIENOSEC is a parameter on [[JANUS DEFINE]], which defines and sets characteristics of a Janus port. See the [[JANUS DEFINE#parmlist|List of JANUS DEFINE parameters]].
SESCOOKIENOSEC is a parameter on [[JANUS DEFINE]], which defines and sets characteristics of a Janus port. See the [[JANUS DEFINE#parmlist|List of JANUS DEFINE parameters]].


Indicates that the cookie specified by SESCOOKIE will not be sent to the browser as a "secure" cookie. This makes it possible with some browsers in certain situations to use the [[SESCOOKIE]] cookie to have a logical session operate over multiple ''[[Janus Web Server]]'' ports.<blockquote> It is probably a bad idea to transmit a session cookie on a non-SSL connection, because someone who spies the session cookie can use it to perform trusted logins on the ''[[Janus Web Server]]'' port (though such a person cannot determine any password associated with the session cookie).</blockquote>
Indicates that the cookie specified by <var>[[SESCOOKIE (JANUS DEFINE parameter)|SESCOOKIE]]</var> will not be sent to the browser as a "secure" cookie. This makes it possible with some browsers in certain situations to use the <var>SESCOOKIE</var> cookie to have a logical session operate over multiple ''[[Janus Web Server]]'' ports.


The SESCOOKIENOSEC parameter is only available in ''[[Sirius Mods]]'' Version 6.0 and later.  
'''Note:''' It is probably a bad idea to transmit a session cookie on a non-SSL connection, because someone who spies the session cookie can use it to perform trusted logins on the ''[[Janus Web Server]]'' port (though such a person cannot determine any password associated with the session cookie).


SESCOOKIENOSEC is valid only for WEBSERV ports.
SESCOOKIENOSEC is valid only for WEBSERV ports.

Revision as of 23:01, 27 February 2012

<section begin="desc" />Send the session cookie 'unsecured'.<section end="desc" />

SESCOOKIENOSEC is a parameter on JANUS DEFINE, which defines and sets characteristics of a Janus port. See the List of JANUS DEFINE parameters.

Indicates that the cookie specified by SESCOOKIE will not be sent to the browser as a "secure" cookie. This makes it possible with some browsers in certain situations to use the SESCOOKIE cookie to have a logical session operate over multiple Janus Web Server ports.

Note: It is probably a bad idea to transmit a session cookie on a non-SSL connection, because someone who spies the session cookie can use it to perform trusted logins on the Janus Web Server port (though such a person cannot determine any password associated with the session cookie).

SESCOOKIENOSEC is valid only for WEBSERV ports.

References

See: List of Janus commands | List of JANUS DEFINE parameters.

Retrieved from "https://m204wiki.rocketsoftware.com/index.php?title=SESCOOKIENOSEC_(JANUS_DEFINE_parameter)&oldid=39881"