]> git.koha-community.org Git - koha.git/commit
Bug 25360: Use secure flag for CGISESSID cookie when using HTTPS
authorDavid Cook <dcook@prosentient.com.au>
Mon, 4 May 2020 01:12:26 +0000 (11:12 +1000)
committerLucas Gass <lucas@bywatersolutions.com>
Mon, 31 Aug 2020 20:05:05 +0000 (20:05 +0000)
commit66712d0fe62445201506235af33a4303dfc1559f
tree85518f6de699c3fec4c29adfd796eb0a455134c1
parenta9ad9a112d51920c93be62809ded20d29b755d79
Bug 25360: Use secure flag for CGISESSID cookie when using HTTPS

This patch adds the secure flag to the CGISESSID cookie when using HTTPS.
This prevents the cookie being used again over a normal HTTP
request.

Bug 25360: [Follow-up] Test for "on" or "ON" value for HTTPS env var

This patch tests for HTTPS "on" or "ON" before setting the secure
cookie.

Bug 25360: [Follow-up] Fix typo in C4/InstallAuth.pm

Signed-off-by: Marcel de Rooy <m.de.rooy@rijksmuseum.nl>
[EDIT] Amended number of tests in Context.t
Signed-off-by: Martin Renvoize <martin.renvoize@ptfs-europe.com>
Signed-off-by: Lucas Gass <lucas@bywatersolutions.com>
(cherry picked from commit c2a0b7a4e761b7d3bea9145440313e832808c60b)
C4/Auth.pm
C4/Context.pm
C4/InstallAuth.pm
t/Context.t