blog.php-security.org— Stefan Esser of the Hardened-PHP Project has written an extension that enables httpOnly support for cookies in Firefox 2. An httpOnly cookie is a cookie that cannot be read from a client side script, thereby preventing cookie stealing.
Oct 28, 2006View in Crawl 4
I would like to share a free PHP Code and Resources site here,http://www.phpkode.com You will find everything you need while encountering some difficulties during your PHP developing or learning.
Closed AccountOct 28, 2006Submitter
And by the way, this isn't blog spam. It's a link to the developer's own blog announcing the extension.
Closed AccountNov 11, 2006
"An httpOnly cookie is a cookie that cannot be read from a client side script, thereby preventing cookie stealing." This is not 100% true, there are ways to go around that limitation. In fact, it's one of the reasons why it's not included in Firefox, read the bug : <a class="user" href="http://bugzilla.mozilla.org/show_bug.cgi?id=178993">http://bugzilla.mozilla.org/show_bug.cgi?id=178993</a>BTW, this extension is at the proof-of-concept-hack stage.
darejaDec 14, 2006
Looks Great!!
mingshuoyaoNov 4, 2010
I would like to share a free PHP Code and Resources site here,http://www.phpkode.com You will find everything you need while encountering some difficulties during your PHP developing or learning.