when csrf is true only works in firefox and not in other browser
#13

[eluser]Treeda[/eluser]
OK, now I'm confused....

I'm still debugging, but it seems that all other browsers are not storing the cookies.

currently testing with firefox and chrome.

stupid little test...

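Code:
public function index()
{
    // Load the cookie helper.
    $this->load->helper("cookie");

    // Test cookie; 'secure' => TRUE adds the Secure attribute.
    $cookie = array(
        'name'   => 'sabber',
        'value'  => 'The Value',
        'expire' => '86500',
        'secure' => TRUE
    );

    $this->input->set_cookie($cookie);

    // Dump the cookies the browser sent with this request.
    var_dump($_COOKIE);
}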

Firefox, even with Firebug, shows the cookies.
Chrome does not, neither the dump nor Chrome's console....

Oh, and before you ask, cookies are allowed. Also, the response header from the server looks OK, sending the cookies.

Quote:Connection:Keep-Alive
Content-Length:79
Content-Type:text/html; charset=utf-8
Date:Thu, 07 Jul 2011 03:40:41 GMT
Keep-Alive:timeout=15, max=100
Server:Apache/2.2.8 (Ubuntu) PHP/5.2.4-2ubuntu5.12 with Suhosin-Patch
Set-Cookie:ci_csrf_token=03a94ba1fb5a1706da8922c46593a4c0; expires=Thu, 07-Jul-2011 05:40:41 GMT; path=/
sessions=a:4:{s:10:"session_id";s:32:"28f15fcd92e76754265a853a9610c28b";s:10:"ip_address";s:13:"192.168.10.23";s:10:"user_agent";s:50:"Mozilla/5.0+(Windows+NT+6.1;+WOW64)+AppleWebKit/53";s:13:"last_activity";i:1310010041;}69fba62d1b15e9c3d8b65bb92a602323; expires=Thu, 07-Jul-2011 04:40:41 GMT; path=/
sabber=The+Value; expires=Fri, 08-Jul-2011 03:42:21 GMT; path=/; secure
X-Powered-By:PHP/5.2.4-2ubuntu5.12

And a question regarding these settings mentioned above:
Quote:/*
|--------------------------------------------------------------------------
| Cross Site Request Forgery
|--------------------------------------------------------------------------

*/
$config['csrf_protection'] = TRUE;
$config['csrf_token_name'] = 'csrf_test_name';
$config['csrf_cookie_name'] = 'csrf_cookie_name';
$config['csrf_expire'] = 7200;

They seem kinda useless to me, because the CI_Security class is not reading the csrf xxx_names from config but hardcoding them. I didn't find an occurrence where they might get overwritten; even overwriting them myself via config doesn't change them at all...
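One way to check the Set-Cookie lines quoted in the post while debugging, as an added example that is not part of the original post: it reports each cookie's lifetime relative to the server's Date header and whether a cookie with the Secure attribute would be returned over the request scheme. The function names, the 'http' scheme, the zero client clock offset and the PLACEHOLDER session value are assumptions, since the post states none of them.

```php
<?php
// Header values copied from the response quoted in the post; the session
// cookie value is a constructed placeholder.
$serverDate = 'Thu, 07 Jul 2011 03:40:41 GMT';
$setCookie = array(
    'ci_csrf_token=03a94ba1fb5a1706da8922c46593a4c0; expires=Thu, 07-Jul-2011 05:40:41 GMT; path=/',
    'sessions=PLACEHOLDER; expires=Thu, 07-Jul-2011 04:40:41 GMT; path=/',
    'sabber=The+Value; expires=Fri, 08-Jul-2011 03:42:21 GMT; path=/; secure',
);

// Split one Set-Cookie value into name, value and lower-cased attributes.
function parse_set_cookie($line)
{
    $parts = array_map('trim', explode(';', $line));
    $pair = explode('=', array_shift($parts), 2);
    $cookie = array('name' => $pair[0], 'value' => isset($pair[1]) ? $pair[1] : '', 'attrs' => array());
    foreach ($parts as $part) {
        if ($part !== '') {
            $kv = explode('=', $part, 2);
            $cookie['attrs'][strtolower(trim($kv[0]))] = isset($kv[1]) ? trim($kv[1]) : true;
        }
    }
    return $cookie;
}

// Report conditions under which a client will not return the cookie.
// $scheme and $clientAheadSecs are assumptions supplied by the caller.
function audit_cookie(array $c, DateTime $sent, $scheme, $clientAheadSecs)
{
    $notes = array();
    if (isset($c['attrs']['expires'])) {
        $exp = DateTime::createFromFormat('D, d-M-Y H:i:s T', $c['attrs']['expires']);
        if ($exp === false) {
            $notes[] = 'unparseable expires';
        } else {
            // Expiry is judged against the client clock, not the server's.
            $ttl = $exp->getTimestamp() - $sent->getTimestamp();
            $notes[] = "lifetime {$ttl}s" . ($clientAheadSecs >= $ttl ? ' (already expired on this client)' : '');
        }
    }
    if (isset($c['attrs']['secure']) && $scheme !== 'https') {
        // RFC 6265: Secure cookies are only returned over secure channels.
        $notes[] = "Secure: not sent back over $scheme";
    }
    return $c['name'] . ': ' . implode('; ', $notes);
}

$sent = DateTime::createFromFormat('D, d M Y H:i:s T', $serverDate);
foreach ($setCookie as $line) {
    echo audit_cookie(parse_set_cookie($line), $sent, 'http', 0), "\n";
}
```

Pass the real request scheme and the measured difference between the client and server clocks to see which of the three cookies a given browser would still return.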

