[Pkg-owncloud-commits] [owncloud] 59/73: Set oc_token to httponly
David Prévot
taffit at alioth.debian.org
Fri Nov 8 23:09:12 UTC 2013
This is an automated email from the git hooks/post-receive script.
taffit pushed a commit to annotated tag v4.0.10
in repository owncloud.
commit 6c22983f62caea05608bd4e7bcba2313b0c3a4a4
Author: Lukas Reschke <lukas at statuscode.ch>
Date: Tue Oct 16 13:58:17 2012 +0200
Set oc_token to httponly
---
lib/user.php | 2 +-
1 file changed, 1 insertion(+), 1 deletion(-)
diff --git a/lib/user.php b/lib/user.php
index 9e0e82e..ca8b985 100644
--- a/lib/user.php
+++ b/lib/user.php
@@ -369,7 +369,7 @@ class OC_User {
public static function setMagicInCookie($username, $token){
$secure_cookie = OC_Config::getValue("forcessl", false);
setcookie("oc_username", $username, time()+60*60*24*15, '', '', $secure_cookie);
- setcookie("oc_token", $token, time()+60*60*24*15, '', '', $secure_cookie);
+ setcookie("oc_token", $token, time()+60*60*24*15, '', '', $secure_cookie, true);
setcookie("oc_remember_login", true, time()+60*60*24*15, '', '', $secure_cookie);
}
--
Alioth's /usr/local/bin/git-commit-notice on /srv/git.debian.org/git/pkg-owncloud/owncloud.git
More information about the Pkg-owncloud-commits
mailing list