[Pkg-owncloud-commits] [owncloud] 43/67: Set oc_token to httponly
David Prévot
taffit at alioth.debian.org
Fri Nov 8 23:10:40 UTC 2013
This is an automated email from the git hooks/post-receive script.
taffit pushed a commit to annotated tag v4.5.1
in repository owncloud.
commit 50684a5a343a8fbedabe2032d6cef946c7ea1924
Author: Lukas Reschke <lukas at statuscode.ch>
Date: Tue Oct 16 13:58:00 2012 +0200
Set oc_token to httponly
---
lib/user.php | 2 +-
1 file changed, 1 insertion(+), 1 deletion(-)
diff --git a/lib/user.php b/lib/user.php
index 7de2a4b..b5b7a2c 100644
--- a/lib/user.php
+++ b/lib/user.php
@@ -473,7 +473,7 @@ class OC_User {
public static function setMagicInCookie($username, $token) {
$secure_cookie = OC_Config::getValue("forcessl", false);
setcookie("oc_username", $username, time()+60*60*24*15, '', '', $secure_cookie);
- setcookie("oc_token", $token, time()+60*60*24*15, '', '', $secure_cookie);
+ setcookie("oc_token", $token, time()+60*60*24*15, '', '', $secure_cookie, true);
setcookie("oc_remember_login", true, time()+60*60*24*15, '', '', $secure_cookie);
}
--
Alioth's /usr/local/bin/git-commit-notice on /srv/git.debian.org/git/pkg-owncloud/owncloud.git
More information about the Pkg-owncloud-commits
mailing list