Has anyone used the directive session.cookie_secure when also using Zend_Captcha_Image? When enabled, every time

Question

0

Asked: June 2, 20262026-06-02T01:51:45+00:00 2026-06-02T01:51:45+00:00

Has anyone used the directive session.cookie_secure when also using Zend_Captcha_Image? When enabled, every time

0

Has anyone used the directive session.cookie_secure when also using
Zend_Captcha_Image? When enabled, every time I try to login it fails. Essentially
each request is treated as a new session, therefore failing the captcha verification even when I type it in correctly. I have been using Zend_Captcha_Image for several months without any problems and when the session.cookie_secure directive is removed, it works fine.

I have tried just using the session.cookie_secure directive in the php.ini
file. (this is not how I’m doing it now, but I included it here so you know).

Currently I’m calling Zend_Session::setOptions(array('cookie_httponly' => true, 'cookie_secure' => true )); in the application bootstrap. I have turned on & off resources.session.cookie_secure = true to no avail.

Does anyone have any ideas?

Report

Leave an answer
Cancel reply

You must login to add an answer.

Need An Account,

1 Answer

Editorial Team · Answer 1 · 2026-06-02T01:51:47+00:00

Editorial Team

2026-06-02T01:51:47+00:00Added an answer on June 2, 2026 at 1:51 am

The cookie_secure setting only works over SSL. Do not set it unless you have SSL enabled with a certificate on your sever. Usually, you would enable this for use on the production site and disable it on the development servers.

0

Reply
Share
Share

- Report

Sign Up

Sign In

Forgot Password

The Archive Base Latest Questions

Has anyone used the directive session.cookie_secure when also using Zend_Captcha_Image? When enabled, every time

Leave an answerCancel reply

1 Answer

Leave an answer
Cancel reply