secure_cookies (httpOnly flag) in CS-Cart or Multi-Vendor¶
What is the cookie httpOnly flag and why it is needed¶
How to enable httpOnly in CS-Cart¶
- You need SSH/sFTP/FTP access to the project server because you will need to change the file
config.local.phpin the project directory.
- After you open the file
config.local.php, find there tweak
This tweak appeared since CS-Cart version 4.12.1, and if you do not have it - please get in touch with CS-Cart developers or technical support for help).
- Check the value; if there is
false, replace it with
true. Note that the entry should look like
'secure_cookies' => true,and there should be no additional quotes around