Solution to cross-origin session sharing between http and https
- $ CurrentSessionID = session_id ();
- Session_id ($ currentSessionID );
The following is the implementation code, which consists of http and https. 1. http:
- Session_start ();
- $ CurrentSessionID = session_id ();
- $ _ SESSION ['testvariable'] = 'session worked ';
- $ SecureServerDomain = 'www .sjolzy.cn ';
- $ SecurePagePath = '/safePages/securePage. php'
- Echo 'click here to jump to the HTTPS protocol ';
- ?>
2. HTTPS section
- $ CurrentSessionID = $ _ GET ['session'];
- Session_id ($ currentSessionID );
- Session_start ();
- If (! Emptyempty ($ _ SESSION ['testvariable']) {
- Echo $ _ SESSION ['testvariable'];
- } Else {
- Echo 'session did not work .';
- }
- ?>
Note: Due to security issues, the transmission of session IDs is not encrypted. you can obtain the session id through sniffing to obtain session data. We recommend that you encrypt this id. |