Zabbix Documentation 5.0

3.04.04.45.0 (current)| In development:5.2 (devel)| Unsupported:1.82.02.22.43.23.44.2Guidelines

User Tools

Site Tools


Sidebar

manual:web_interface:cookies

10 Cookies used by Zabbix

Overview

This page provides a list of cookies used by Zabbix.

NameDescriptionValuesExpires/Max-AgeHttpOnly1)Secure2)
PHPSESSIDUnique PHP session ID.

The length can be set in php.ini - session.sid_length.
Example: kvlp5pu2ru1a2ccvff0g52m87aSession (expires when the browsing session ends)++ (only if HTTPS is enabled on a web server)
ZBX_SESSION_NAME
(available since 4.0.0).
String used as the name of the Zabbix frontend session cookie.

Default: zbx_sessionid
Unique session cookie ID - a 32 character string. Example: 004bc0213e7e8bca87fcc3919eca5270 Current date and time +1 month (31 days) + + (only if HTTPS is enabled on a web server)
tabActive tab number; this cookie is only used on pages with multiple tabs (e.g. Host, Trigger or Action configuration page) and is created, when a user navigates from a primary tab to another tab (such as Tags or Dependencies tab).

0 is used for the primary tab.
Example: 1Session (expires when the browsing session ends)- -
browserwarning_ignoreWhether a warning about using an outdated browser should be ignored.yesSession (expires when the browsing session ends)- -
messageOkA message to show as soon as page is reloaded.Plain text messageSession (expires when the browsing session ends) or as soon as page is reloaded+ -
messageErrorAn error message to show as soon as page is reloaded.Plain text messageSession (expires when the browsing session ends) or as soon as page is reloaded+ -
Forcing 'HttpOnly' flag on Zabbix cookies by a webserver directive is not supported.
1)
When HttpOnly is 'true' the cookie will be made accessible only through the HTTP protocol. This means that the cookie won't be accessible by scripting languages, such as JavaScript. This setting can effectively help to reduce identity theft through XSS attacks (although it is not supported by all browsers).
2)
Secure indicates that the cookie should only be transmitted over a secure HTTPS connection from the client. When set to 'true', the cookie will only be set if a secure connection exists.