]> git.koha-community.org Git - koha.git/commit
Bug 25360: Use secure flag for CGISESSID cookie when using HTTPS
authorDavid Cook <dcook@prosentient.com.au>
Mon, 4 May 2020 01:12:26 +0000 (11:12 +1000)
committerVictor Grousset/tuxayo <victor@tuxayo.net>
Mon, 24 Aug 2020 17:11:10 +0000 (19:11 +0200)
commit6a274ce64b49dde0bb5f00aa8adb0e45ba0b3d82
treecf8957ecc44863765762cd8d9323987c79d40401
parent498d84ad9f29e438e50998a2e0e5ac32186fbd8e
Bug 25360: Use secure flag for CGISESSID cookie when using HTTPS

This patch adds the secure flag to the CGISESSID cookie when using HTTPS.
This prevents the cookie being used again over a normal HTTP
request.

Bug 25360: [Follow-up] Test for "on" or "ON" value for HTTPS env var

This patch tests for HTTPS "on" or "ON" before setting the secure
cookie.

Bug 25360: [Follow-up] Fix typo in C4/InstallAuth.pm

Signed-off-by: Marcel de Rooy <m.de.rooy@rijksmuseum.nl>
[EDIT] Amended number of tests in Context.t
Signed-off-by: Martin Renvoize <martin.renvoize@ptfs-europe.com>
Signed-off-by: Aleisha Amohia <aleishaamohia@hotmail.com>
(cherry picked from commit b9d92bdc6c43e8d242c274682b16b6f45af35f86)
Signed-off-by: Victor Grousset/tuxayo <victor@tuxayo.net>
C4/Auth.pm
C4/Context.pm
C4/InstallAuth.pm
t/Context.t