Laravel sessions without cookies

I have an application which allows user to log in and add items to basket, however if user has cookies turned off, this functionality would no longer work. I've checked facebook and it turns out even they need cookies enabled to function.

So my question is is it even possible to handle regular login/add to cart functionality without cookies?

Answers


This is not only Laravel specific. Check http://php.net/manual/en/session.configuration.php (specifically session.use_cookies and session.use_only_cookies) to see how you can enable the use of a _GET parameter instead.

As always, the documentation warns you that stealing a SESSION gets easy when you pass the ID via _GET.

But PHP should be automatically rewriting your URLs once you enable them, so no extra work required on your end, but I would personally keep the sessions restricted to a single IP and User-Agent - should make it hard for attackers.


I can see Laravel tag in your question, so I'm giving you a link to all possible ways of using sessions in Laravel:

https://laravel.com/docs/5.1/session


Need Your Help

Getting point symbols by pressing backspace, delete, up,

bash vim xterm

I have 2 local users on one host, both running with /bin/bash, I compared the env and locale settings and both are the same. But I still get these symbols "•••" on the test user while I'm pressing

jQuery string parsing logs a 404

javascript jquery html dom mustache

Here's the setup, I have a mustache template stored as a string, like so