NYCPHP Meetup

Headers and cookies

betenoir at echonyc.com betenoir at echonyc.com
Tue Feb 4 14:12:16 EST 2003


>> >
>> >I've also had better luck using header() and forming my Set-Cookie header
>> >manually.  Hopefully I didn't confuse things,
>>
>> In further testing we discovered that the problem is related to whether the
>> "read cookie" page is called from its own window or from within a frameset
>> at another domain. The former works, the latter doesn't.
>
>I had a similar issue, albeit with the domains nyphp.org vs. www.nyphp.org.
>By the way Chris, that's a great resource (http://www.w3.org/P3P/).
<snip>
>> And you are "creating" a Set-Cookie header rather than simply writing to a
>> cookie?
>
>Well as Chris pointed out, you don't really write to a cookie; you just write
>the Set-Cookie: HTTP header and I've always had better luck manually creating
>it with header() than letting setcookie() do it.

How would I write a Set-Cookie header for $cookie_name, $cookie_value,
$expiry,  $specified_domain?

To restate the problem: I am handing off data from my site to a secure
credit-card processing site (which is in a frameset).  Once the transaction
has been confirmed I want to load a page from my site into a frame of the
third-party site to read the cookie.

My current work-around is to load an interstitial page into that frame,
which launches a separate window which reads the cookie.  However because
of concerns about "anti-pop-up" software as well as limited user system
resources i would prefer not to use this method.  The ability to read this
cookie is "mission critical".

Clyde



More information about the talk mailing list