| commit | b42d57984bda809f2d8904781b9e7b70120ddf77 | |
| author | David Cook <dcook@prosentient.com.au> | |
| Mon, 4 May 2020 01:12:26 +0000 (4 11:12 +1000) | ||
| committer | Jonathan Druart <jonathan.druart@bugs.koha-community.org> | |
| Thu, 3 Sep 2020 08:40:35 +0000 (3 10:40 +0200) | ||
| tree | 54cb58a7bbfbc9ee8088d252e32e33c9b3d67fe2 | treesnapshot (tar.gz zip) |
| parent | 72f4765e6f6eb5076d4c05563ad28e05314e2ef4 | commitdiff |
Bug 25360: Use secure flag for CGISESSID cookie when using HTTPS
This patch adds the secure flag to the CGISESSID cookie when using HTTPS.
This prevents the cookie being used again over a normal HTTP
request.
Bug 25360: [Follow-up] Test for "on" or "ON" value for HTTPS env var
This patch tests for HTTPS "on" or "ON" before setting the secure
cookie.
Bug 25360: [Follow-up] Fix typo in C4/InstallAuth.pm
Signed-off-by: Marcel de Rooy <m.de.rooy@rijksmuseum.nl>
[EDIT] Amended number of tests in Context.t
Signed-off-by: Martin Renvoize <martin.renvoize@ptfs-europe.com>
Signed-off-by: Jonathan Druart <jonathan.druart@bugs.koha-community.org>
This patch adds the secure flag to the CGISESSID cookie when using HTTPS.
This prevents the cookie being used again over a normal HTTP
request.
Bug 25360: [Follow-up] Test for "on" or "ON" value for HTTPS env var
This patch tests for HTTPS "on" or "ON" before setting the secure
cookie.
Bug 25360: [Follow-up] Fix typo in C4/InstallAuth.pm
Signed-off-by: Marcel de Rooy <m.de.rooy@rijksmuseum.nl>
[EDIT] Amended number of tests in Context.t
Signed-off-by: Martin Renvoize <martin.renvoize@ptfs-europe.com>
Signed-off-by: Jonathan Druart <jonathan.druart@bugs.koha-community.org>
| C4/Auth.pm | diffblobblamehistory | |
| C4/Context.pm | diffblobblamehistory | |
| C4/InstallAuth.pm | diffblobblamehistory | |
| t/Context.t | diffblobblamehistory |