Cookie syntax:
Cookie usually as HTTP response headers to the client, the following example shows the appropriate syntax (note, HttpOnly property is not case sensitive):
- Set-Cookie: =[; =]
- [; expires=][; domain=]
- [; path=][; secure][; HttpOnly]
Property Meaning
1 secure property
When set to true, that created the Cookie will be in a secure form, that is, can only be passed to the server in the transmission HTTPS browser connections to the server-side session authentication, if the HTTP connection is not delivered this information, so it will not be stolen to the specific content of Cookie.2 HttpOnly property
If you set the "HttpOnly" attribute in the Cookie, then through the program (JS script, Applet, etc.) will not be able to read the Cookie information, this can effectively prevent XSS attacks.
Note: Sometimes you do not specify HttpOnly argument is true, the statement may delete the cookie is invalid.
the setcookie @ // ( "_ mcloudauth", "", Time () - 3600);
@setcookie ( '_ mcloudauthcookie', '', Time () - 3600, '/', NULL, NULL, to true);
the setcookie @ // ( "_ mcloudauth", "", Time () - 3600);
@setcookie ( '_ mcloudauthcookie', '', Time () - 3600, '/', NULL, NULL, to true);