mbirth/LuckyCoinkydink
Archived
1
0
Fork 0
Code Issues Pull Requests Activity

Use "secure" flag on SSL connections, thanks to dayton967

Browse Source
This commit is contained in:
Garvin Hicking
2015-03-22 00:41:37 +01:00
parent e7d822be11
commit 5985577fbe
2 changed files with 6 additions and 0 deletions
Download Patch File Download Diff File Expand all files Collapse all files

3
docs/NEWS
View File

@ -58,6 +58,9 @@ Version 2.1 ()
Version 2.0.2 () Version 2.0.2 ()
------------------------------------------------------------------------ ------------------------------------------------------------------------
* Use "secure" flag for (session) cookies sent over SSL, thanks to
dayton967
* Make preview_iframe.tpl template files load the proper frontend * Make preview_iframe.tpl template files load the proper frontend
CSS file, including cache-busting version string when changing CSS file, including cache-busting version string when changing
themes themes

3
serendipity_config.inc.php
View File

@ -10,6 +10,9 @@ if (defined('S9Y_FRAMEWORK')) {
if (!headers_sent() && php_sapi_name() !== 'cli') { if (!headers_sent() && php_sapi_name() !== 'cli') {
// Only set the session name, if no session has yet been issued. // Only set the session name, if no session has yet been issued.
if (session_id() == '') { if (session_id() == '') {
$cookieParams = session_get_cookie_params();
$cookieParams['secure'] = (isset($_SERVER['HTTPS']) && strtolower($_SERVER['HTTPS']) == 'on' ? true : false);
session_set_cookie_params($cookieParams['lifetime'], $cookieParams['path'], $cookieParams['domain'], $cookieParams['secure'], $cookieParams['httponly']);
session_name('s9y_' . md5(dirname(__FILE__))); session_name('s9y_' . md5(dirname(__FILE__)));
session_start(); session_start();
} }