Add httponly flag to cookies.

This commit is contained in:
Misha Tavkhelidze 2015-06-04 13:27:51 +04:00
parent fb1a0d6d25
commit 8b45cb4496
3 changed files with 8 additions and 6 deletions

View file

@ -284,7 +284,7 @@ class CI_Input {
$expire = ($expire > 0) ? time() + $expire : 0; $expire = ($expire > 0) ? time() + $expire : 0;
} }
setcookie($prefix.$name, $value, $expire, $path, $domain, $secure); setcookie($prefix.$name, $value, $expire, $path, $domain, $secure, true
} }
// -------------------------------------------------------------------- // --------------------------------------------------------------------

View file

@ -190,7 +190,7 @@ class CI_Security {
return FALSE; return FALSE;
} }
setcookie($this->_csrf_cookie_name, $this->_csrf_hash, $expire, config_item('cookie_path'), config_item('cookie_domain'), $secure_cookie); setcookie($this->_csrf_cookie_name, $this->_csrf_hash, $expire, config_item('cookie_path'), config_item('cookie_domain'), $secure_cookie, true);
log_message('debug', "CRSF cookie Set"); log_message('debug', "CRSF cookie Set");

View file

@ -429,7 +429,8 @@ class CI_Session {
($this->now - 31500000), ($this->now - 31500000),
$this->cookie_path, $this->cookie_path,
$this->cookie_domain, $this->cookie_domain,
0 0,
true
); );
// Kill session data // Kill session data
@ -685,7 +686,8 @@ class CI_Session {
$expire, $expire,
$this->cookie_path, $this->cookie_path,
$this->cookie_domain, $this->cookie_domain,
$this->cookie_secure $this->cookie_secure,
true
); );
} }