Use https for the redirect, also. Either that, or redesign your app so you don't require the session vars in the other view. Are you doing this to save doing a find() in the "view" view?
On Mon, Aug 17, 2009 at 10:22 AM, vb13<val.brod...@gmail.com> wrote: > > I have a User Edit page that submits data over https /user/edit. The > controller saves data and redirects via http to /user/view. > > > In the process I use php session to read/write some data. If I access > session data using Cake Session component, I loose my session. As a > result I get redirected to a login page. This is not a problem when I > access $_SESSION in my code directly. > > I tracked http requests using FF Live Http Headers plugin and noticed > that in addition to setting a cookie like so: > > Set-Cookie: TMCONSOLE=h4790sptdlflu4cenumitm8ga0; path=/ > > > Cake also writes out > > Set-Cookie: TMCONSOLE=h4790sptdlflu4cenumitm8ga0; expires=Fri, 21 Aug > 2009 19:30:23 GMT; path=/; secure > > (which is why the browser drops the cookie I suppose). > > I assume Edit secure data / save / redirect to be a pretty standard > case. Does anyone else looses their session? How can I fix it? I > prefer to always access session using Cake's component. > > > --~--~---------~--~----~------------~-------~--~----~ You received this message because you are subscribed to the Google Groups "CakePHP" group. To post to this group, send email to cake-php@googlegroups.com To unsubscribe from this group, send email to cake-php+unsubscr...@googlegroups.com For more options, visit this group at http://groups.google.com/group/cake-php?hl=en -~----------~----~----~----~------~----~------~--~---
