[mythtv] Mythweb cookie settings
Chris Petersen
lists at forevermore.net
Sun Jan 1 16:01:12 EST 2006
> Chris or anyone? Is there a good reason why the path and domain of the session
> cookie is specified in sessions.php? Neither seem necessary to me and the
> hard-coded path breaks cookies for those who haven't installed mythweb in the
> server root.
path shouldn't hurt.. the cookie spec says that "anything under" the
path is how it's supposed to work, so setting the path to / is the
global way to deal with cookies so they'll work anywhere within the
specified domain.
> I have mythweb installed in a mythweb subdir. Removing the path/domain from
> session_set_cookie_params works just fine here.
If you remove the domain, you create a cookie that any site can see.
Personally, I don't like that idea. I've run mythweb from subdirs (I
tested up to 3 levels deep) and it works fine.
If you're having issues, it's most likely the domain setup, not the
path. What domain are you using to access mythweb? and what domain is
it setting the cookie for?
-Chris
(btw, all of this is fixed in svn for people who use apache
authentication, since the session data is stored per-user for logged-in
users, rather than based on the cookie).
More information about the mythtv-dev
mailing list