]> git.koha-community.org Git - koha.git/commit
Bug 25360: Use secure flag for CGISESSID cookie when using HTTPS
authorDavid Cook <dcook@prosentient.com.au>
Mon, 4 May 2020 01:12:26 +0000 (11:12 +1000)
committerAleisha Amohia <aleishaamohia@hotmail.com>
Tue, 25 Aug 2020 03:41:41 +0000 (15:41 +1200)
commit2e544f127c142d017b0bc2d3fe875091245b8780
tree2b6d7c9bbd6632ed792fc65ab4dc9fda551181c0
parentcd8ecbfed0fefedf91372d0f708e5b59620ca4b7
Bug 25360: Use secure flag for CGISESSID cookie when using HTTPS

This patch adds the secure flag to the CGISESSID cookie when using HTTPS.
This prevents the cookie being used again over a normal HTTP
request.

Bug 25360: [Follow-up] Test for "on" or "ON" value for HTTPS env var

This patch tests for HTTPS "on" or "ON" before setting the secure
cookie.

Bug 25360: [Follow-up] Fix typo in C4/InstallAuth.pm

Signed-off-by: Marcel de Rooy <m.de.rooy@rijksmuseum.nl>
[EDIT] Amended number of tests in Context.t
Signed-off-by: Martin Renvoize <martin.renvoize@ptfs-europe.com>
Signed-off-by: Aleisha Amohia <aleishaamohia@hotmail.com>
Signed-off-by: Aleisha Amohia <aleishaamohia@hotmail.com>
C4/Auth.pm
C4/Context.pm
C4/InstallAuth.pm
t/Context.t