Three doubles and a wooden rake
If someone has already encountered cookie problems for a host with and without www, you can save time and click on the link
... I, here, did not face earlier and, moreover, did not expect such a dirty trick from firelight.
And the problem looks like this: for www.host.ru and host.ru, when starting a session in the same PHP, Firefox creates different cookies (containing different session_id)
')
I noticed it when I screwed the captcha to the form.
The path to the script image contained the www in the host name, the script created the picture and shoved the characters into the session variable, but not at all (without the www), which was then destined to receive the form data and verify the correctness of the corrupted characters.
IE at the same time regularly worked out.
The solution chose a simple one - clean up the www mode_rewrite:
I hope that helped someone bypass the rake.
... I, here, did not face earlier and, moreover, did not expect such a dirty trick from firelight.
And the problem looks like this: for www.host.ru and host.ru, when starting a session in the same PHP, Firefox creates different cookies (containing different session_id)
')
I noticed it when I screwed the captcha to the form.
The path to the script image contained the www in the host name, the script created the picture and shoved the characters into the session variable, but not at all (without the www), which was then destined to receive the form data and verify the correctness of the corrupted characters.
IE at the same time regularly worked out.
The solution chose a simple one - clean up the www mode_rewrite:
RewriteEngine on
RewriteCond %{HTTP_HOST} ^www.host.ru$ [NC]
RewriteRule ^(.+)$ host.ru$1 [L]
I hope that helped someone bypass the rake.
Source: https://habr.com/ru/post/9680/
All Articles