]> git.koha-community.org Git - koha.git/commit
Bug 25360: Use secure flag for CGISESSID cookie when using HTTPS
authorDavid Cook <dcook@prosentient.com.au>
Mon, 4 May 2020 01:12:26 +0000 (11:12 +1000)
committerJonathan Druart <jonathan.druart@bugs.koha-community.org>
Thu, 3 Sep 2020 08:40:35 +0000 (10:40 +0200)
commitb42d57984bda809f2d8904781b9e7b70120ddf77
tree54cb58a7bbfbc9ee8088d252e32e33c9b3d67fe2
parent72f4765e6f6eb5076d4c05563ad28e05314e2ef4
Bug 25360: Use secure flag for CGISESSID cookie when using HTTPS

This patch adds the secure flag to the CGISESSID cookie when using HTTPS.
This prevents the cookie being used again over a normal HTTP
request.

Bug 25360: [Follow-up] Test for "on" or "ON" value for HTTPS env var

This patch tests for HTTPS "on" or "ON" before setting the secure
cookie.

Bug 25360: [Follow-up] Fix typo in C4/InstallAuth.pm

Signed-off-by: Marcel de Rooy <m.de.rooy@rijksmuseum.nl>
[EDIT] Amended number of tests in Context.t
Signed-off-by: Martin Renvoize <martin.renvoize@ptfs-europe.com>
Signed-off-by: Jonathan Druart <jonathan.druart@bugs.koha-community.org>
C4/Auth.pm
C4/Context.pm
C4/InstallAuth.pm
t/Context.t