Please upgrade here. These earlier versions are no longer being updated and have security issues.
HackerOne users: Testing against this community violates our program's Terms of Service and will result in your bounty being denied.
(Solved) Important ProxyConnect and Codeigniter turn on cookie encryption in Codeigniter
I just wanted to say if you are trying to get ProxyConnect and Codeigniter working and it is and then suddenly isn't on another server, try turning cookie encryption on in Codeigniter.
Basically if it isn't then Codeigniter's Session class does some md5 hashing on the cookie to check there aren't any man in the middle attacks and I'm not sure whether due to time differences between server and client or what the reason is but that md5 hash fails.
The moment you turn on encrypting the cookie in config.php in Codeigniter it doesn't have a problem anymore cos it doesn't try that MD5 hash (the cookie has been encrypted using codeigniter's security library) and everything should play nicely.
Hope this helps someone. I was tearing my hair out for a day.
Basically if it isn't then Codeigniter's Session class does some md5 hashing on the cookie to check there aren't any man in the middle attacks and I'm not sure whether due to time differences between server and client or what the reason is but that md5 hash fails.
The moment you turn on encrypting the cookie in config.php in Codeigniter it doesn't have a problem anymore cos it doesn't try that MD5 hash (the cookie has been encrypted using codeigniter's security library) and everything should play nicely.
Hope this helps someone. I was tearing my hair out for a day.
Tagged:
0