adulau/cakephp2-php8
1
0
Fork 0
mirror of https://github.com/kamilwylegala/cakephp2-php8.git synced 2025-01-19 11:06:15 +00:00
Code Issues Projects Releases Packages Wiki Activity Actions

Make CakeSession use httponly by default.

Browse source 
Fixes #2955
This commit is contained in:
mark_story 2012-06-12 20:00:19 -04:00
parent f467785a8c
commit f625742a12
1 changed files with 3 additions and 0 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

3
lib/Cake/Model/Datasource/CakeSession.php
View file

@ -475,6 +475,9 @@ class CakeSession {
if (!isset($sessionConfig['ini']['session.gc_maxlifetime'])) {
$sessionConfig['ini']['session.gc_maxlifetime'] = $sessionConfig['timeout'] * 60;
}
if (!isset($sessionConfig['ini']['session.cookie_httponly'])) {
$sessionConfig['ini']['session.cookie_httponly'] = 1;
}
if (empty($_SESSION)) {
if (!empty($sessionConfig['ini']) && is_array($sessionConfig['ini'])) {