Révision 16789caa
Ajouté par Renato Botelho il y a presque 10 ans
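--- a/etc/inc/auth.inc
+++ b/etc/inc/auth.inc
@@ -1347,16 +1347,14 @@
 global $config, $_SESSION, $page;
 
 // Handle HTTPS httponly and secure flags
-if($config['system']['webgui']['protocol'] == "https") {
-$currentCookieParams = session_get_cookie_params();
-session_set_cookie_params(
-$currentCookieParams["lifetime"],
-$currentCookieParams["path"],
-NULL,
-true,
-true
-);
-}
+$currentCookieParams = session_get_cookie_params();
+session_set_cookie_params(
+$currentCookieParams["lifetime"],
+$currentCookieParams["path"],
+NULL,
+($config['system']['webgui']['protocol'] == "https"),
+true
+);
 
 if (!session_id())
 session_start();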
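Review bot: The comment kept above the call, `// Handle HTTPS httponly and secure flags`, no longer matches the new code, which sets HttpOnly on every request and Secure only when the configured protocol is https; I would reword it to `// Always set HttpOnly; set Secure only when the webGUI protocol is https`. The Secure flag is derived from `$config['system']['webgui']['protocol']` with a loose `==`, and a strict `=== "https"` would make the intent explicit and avoid type juggling on a security-relevant decision. Because the value comes from configuration rather than from the request, a deployment that reaches the GUI over TLS while the setting says http would presumably still get a cookie without Secure, which deserves a line in the comment. The enclosing function starts and ends outside the hunk, so it is worth confirming that no earlier caller has already started the session, since `session_set_cookie_params()` only affects sessions started after it.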
Always set httponly attribute on cookies