Merge pull request #29 from mtavkhelidze/add_httponly_flag_to_cookies

Add httponly flag to cookies
This commit is contained in:
Alex Tselegidis 2015-06-17 21:20:26 +02:00
commit 26006df5b9
3 changed files with 8 additions and 6 deletions

View file

@ -284,7 +284,7 @@ class CI_Input {
$expire = ($expire > 0) ? time() + $expire : 0; $expire = ($expire > 0) ? time() + $expire : 0;
} }
setcookie($prefix.$name, $value, $expire, $path, $domain, $secure); setcookie($prefix.$name, $value, $expire, $path, $domain, $secure, true);
} }
// -------------------------------------------------------------------- // --------------------------------------------------------------------
@ -863,4 +863,4 @@ class CI_Input {
} }
/* End of file Input.php */ /* End of file Input.php */
/* Location: ./system/core/Input.php */ /* Location: ./system/core/Input.php */

View file

@ -190,7 +190,7 @@ class CI_Security {
return FALSE; return FALSE;
} }
setcookie($this->_csrf_cookie_name, $this->_csrf_hash, $expire, config_item('cookie_path'), config_item('cookie_domain'), $secure_cookie); setcookie($this->_csrf_cookie_name, $this->_csrf_hash, $expire, config_item('cookie_path'), config_item('cookie_domain'), $secure_cookie, true);
log_message('debug', "CRSF cookie Set"); log_message('debug', "CRSF cookie Set");
@ -872,4 +872,4 @@ class CI_Security {
} }
/* End of file Security.php */ /* End of file Security.php */
/* Location: ./system/core/Security.php */ /* Location: ./system/core/Security.php */

View file

@ -429,7 +429,8 @@ class CI_Session {
($this->now - 31500000), ($this->now - 31500000),
$this->cookie_path, $this->cookie_path,
$this->cookie_domain, $this->cookie_domain,
0 0,
true
); );
// Kill session data // Kill session data
@ -685,7 +686,8 @@ class CI_Session {
$expire, $expire,
$this->cookie_path, $this->cookie_path,
$this->cookie_domain, $this->cookie_domain,
$this->cookie_secure $this->cookie_secure,
true
); );
} }