githubFork/roundcubemail.git

githubFork / roundcubemail

Roundcubemail devel

summary
reflog
commits
tree
docs
forks
compare

parent: cc0d55cb | patch | commit | ignore whitespace

Bind cookie gotten over HTTPS to HTTPS only (#1485336).

svncommit

2008-09-18 d0b973cf6aed4a7cb705f706624d25b31d19ed52

Bind cookie gotten over HTTPS to HTTPS only (#1485336).

1 files modified

program/include/session.inc

3 ●●●●● patch | view | raw | blame | history

 program/include/session.inc

@@ -184,7 +184,8 @@
  $lifetime = $cookie['lifetime'] ? time() + $cookie['lifetime'] : 0;

  setcookie(session_name(), '', time() - 3600);
  setcookie(session_name(), $random, $lifetime, $cookie['path'], $cookie['domain']);
  setcookie(session_name(), $random, $lifetime, $cookie['path'], $cookie['domain'],
            $_SERVER['HTTPS'] && ($_SERVER['HTTPS']!='off'));

  return true;
}

			@@ -184,7 +184,8 @@
			$lifetime = $cookie['lifetime'] ? time() + $cookie['lifetime'] : 0;

			setcookie(session_name(), '', time() - 3600);
			setcookie(session_name(), $random, $lifetime, $cookie['path'], $cookie['domain']);
			setcookie(session_name(), $random, $lifetime, $cookie['path'], $cookie['domain'],
			$_SERVER['HTTPS'] && ($_SERVER['HTTPS']!='off'));

			return true;
			}