We have a requirement to set our cookies against a specific domain, and with the httpOnly flag set to true.
It would be great to have the facility in CWebUser to configure the settings on the cookie it uses to store state.
As a workaround I have overriden CWebUser->saveToCookie and copied the parent implementation, adding a few extra lines to set the properties of the CHttpCookie object before it is saved.
Does anyone know a cleaner way? Tnx