httpd-users mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From "Nelson, Robert D." <>
Subject RE: [users@httpd] SSL, Cookies, Post Variables
Date Tue, 05 Nov 2002 19:57:08 GMT

> I am trying to get a Apache Secure Server (SSL) configured to 
> work on a Red
> Hat Linux 6.2 server. I have a tes certificate installed 
> which seems to be
> working. I host multiple virtual domains on the server and 
> would like to
> have them all be able to use the secure server feature. The 
> problem I am
> having is that the cookies and data from form post/cgi 
> operations is not
> carrying through when I go secure. I am thinking this has to 
> do with the
> URLs being referenced are different when secure versus 
> non-secure. So, the
> server is not passing on the data. IE. If I start non-secure at URL of
> and then go secure to I
loose all my cookies and/or posted form data. This is a big problem since it
is a shopping cart application. I end up loosing the shopping cart info at
checkout time. So the question is can I force the server to pass on the
cookies/post data despite the differences in the URLs?

This is a standard part of the way cookies work.  They will only be sent
with a request that contains the domain and path (optional) that was set
with the set-cookie header.  You can't grab cookies from two different
domains.  Take a look at some of the cookie documentation out there.

You should be able to carry over some of this data either in the query
string or in POST data.  That should not be effected when domains are

 ~ Robert

The official User-To-User support forum of the Apache HTTP Server Project.
See <URL:> for more info.
To unsubscribe, e-mail:
   "   from the digest:
For additional commands, e-mail:

View raw message