Add httponly flag to cookies.

This commit is contained in:
Misha Tavkhelidze 2015-06-04 13:27:51 +04:00
parent fb1a0d6d25
commit 8b45cb4496
3 changed files with 8 additions and 6 deletions

View file

@ -284,7 +284,7 @@ class CI_Input {
$expire = ($expire > 0) ? time() + $expire : 0;
}
setcookie($prefix.$name, $value, $expire, $path, $domain, $secure);
setcookie($prefix.$name, $value, $expire, $path, $domain, $secure, true
}
// --------------------------------------------------------------------
@ -863,4 +863,4 @@ class CI_Input {
}
/* End of file Input.php */
/* Location: ./system/core/Input.php */
/* Location: ./system/core/Input.php */

View file

@ -190,7 +190,7 @@ class CI_Security {
return FALSE;
}
setcookie($this->_csrf_cookie_name, $this->_csrf_hash, $expire, config_item('cookie_path'), config_item('cookie_domain'), $secure_cookie);
setcookie($this->_csrf_cookie_name, $this->_csrf_hash, $expire, config_item('cookie_path'), config_item('cookie_domain'), $secure_cookie, true);
log_message('debug', "CRSF cookie Set");
@ -872,4 +872,4 @@ class CI_Security {
}
/* End of file Security.php */
/* Location: ./system/core/Security.php */
/* Location: ./system/core/Security.php */

View file

@ -429,7 +429,8 @@ class CI_Session {
($this->now - 31500000),
$this->cookie_path,
$this->cookie_domain,
0
0,
true
);
// Kill session data
@ -685,7 +686,8 @@ class CI_Session {
$expire,
$this->cookie_path,
$this->cookie_domain,
$this->cookie_secure
$this->cookie_secure,
true
);
}