Did you know that WordPress comes with a built-in feature that allows you to undo changes and go back to a previous version of a post. This feature is called Post Revisions or simply Revisions. Most of us make mistakes when writing. Sometimes you might wish that you hadn’t deleted what you wrote earlier.
Enable Secure Cookie Setting with HTTPOnly in WordPress
Login to your web hosting and go to file manager to browser your web files. Open public_html directory to access all files and there find that file. Right click on it, click on Edit to open in Editor. That’s it!
Overview. The secure attribute is an option that can be set by the application server when sending a new cookie to the user within an HTTP Response. The purpose of the secure attribute is to prevent cookies from being observed by unauthorized parties due to the transmission of the cookie in clear text.
Implementation Procedure in Apache
- Ensure you have mod_headers.so enabled in Apache HTTP server.
- Add following entry in httpd.conf. Header edit Set-Cookie ^(.*)$ $1;HttpOnly;Secure;SameSite=None.
- Restart Apache HTTP server to test.
The Secure flag is used to declare that the cookie may only be transmitted using a secure connection (SSL/HTTPS). If this cookie is set, the browser will never send the cookie if the connection is HTTP. This flag prevents cookie theft via man-in-the-middle attacks.
Under content settings, you will need to click on ‘Cookies’ to open the cookies settings page. Next, you need to click on the ‘All cookies and site data’ option. On the next page, you will see a list of all cookies and site data stored on your browser by all websites you visited.
- Next make the URLRequest with the URL string, and set its http method. var urlRequest = URLRequest(url: requestUrl) urlRequest.httpMethod = “POST”
- Then set the cookies for the URLRequest . …
- Finally send the URLRequest with Alamofire, and use the response data in whatever way I wish.
Using Java to Set HttpOnly
- <session-config> <cookie-config> <http-only>true</http-only> </cookie-config> </session-config>
- String sessionid = request. …
- <? …
- <Context cookies=”true” crossContext=”true”> <SessionCookie secure=”true” httpOnly=”true” />
- Dim myCookie As HttpCookie = new HttpCookie(“myCookie”) myCookie.
- Enable HttpOnly Flag in IIS. Edit the web.config file of your web application and add the following: …
- Enable Secure Flag in IIS. It is better to use URL Rewrite and add the following to your web.config file:
Using the HttpOnly tag when generating a cookie helps mitigate the risk of client-side scripts accessing the protected cookie, thus making these cookies more secure. If the HttpOnly flag is included in the HTTP response header, the cookie cannot be accessed through the client-side script.
Now that you’ve created a session, it’s just a matter of setting the cookie in all subsequent requests to the server.
- Store the session object on the client. …
- When you want to make a request, take cookie name and value from the session and use them to set the ‘cookie’ field in the header of your request.