From 00e4e0294f36f8e4a0c5926efdc16b31fcb4c788 Mon Sep 17 00:00:00 2001
From: Lukas Fleischer <archlinux@cryptocrack.de>
Date: Thu, 11 Aug 2011 16:31:25 +0200
Subject: Use secure and httponly session cookies

As discussed on the mailing list, enable "secure" and "httponly" for
session cookies to prevent them from being transferred over insecure
connections.

Signed-off-by: Lukas Fleischer <archlinux@cryptocrack.de>
---
 web/html/logout.php       | 2 +-
 web/lib/acctfuncs.inc.php | 2 +-
 web/lib/aur.inc.php       | 4 ++--
 3 files changed, 4 insertions(+), 4 deletions(-)

(limited to 'web')

diff --git a/web/html/logout.php b/web/html/logout.php
index dee6456a..1cdf453d 100644
--- a/web/html/logout.php
+++ b/web/html/logout.php
@@ -15,7 +15,7 @@ if (isset($_COOKIE["AURSID"])) {
 	$q.= mysql_real_escape_string($_COOKIE["AURSID"]) . "'";
 	db_query($q, $dbh);
 	# setting expiration to 1 means '1 second after midnight January 1, 1970'
-	setcookie("AURSID", "", 1, "/");
+	setcookie("AURSID", "", 1, "/", null, !empty($_SERVER['HTTPS']), true);
 	unset($_COOKIE['AURSID']);
 }
 
diff --git a/web/lib/acctfuncs.inc.php b/web/lib/acctfuncs.inc.php
index b2f0548e..97fb69b9 100644
--- a/web/lib/acctfuncs.inc.php
+++ b/web/lib/acctfuncs.inc.php
@@ -658,7 +658,7 @@ function try_login() {
 				else
 					$cookie_time = 0;
 
-				setcookie("AURSID", $new_sid, $cookie_time, "/");
+				setcookie("AURSID", $new_sid, $cookie_time, "/", null, !empty($_SERVER['HTTPS']), true);
 				header("Location: " . $_SERVER['PHP_SELF'].'?'.$_SERVER['QUERY_STRING']);
 				$login_error = "";
 
diff --git a/web/lib/aur.inc.php b/web/lib/aur.inc.php
index 474ebeed..f4326974 100644
--- a/web/lib/aur.inc.php
+++ b/web/lib/aur.inc.php
@@ -47,7 +47,7 @@ function check_sid($dbh=NULL) {
 			# clear out the hacker's cookie, and send them to a naughty page
 			# why do you have to be so harsh on these people!?
 			#
-			setcookie("AURSID", "", 1, "/");
+			setcookie("AURSID", "", 1, "/", null, !empty($_SERVER['HTTPS']), true);
 			unset($_COOKIE['AURSID']);
 		} elseif ($failed == 2) {
 			# session id timeout was reached and they must login again.
@@ -56,7 +56,7 @@ function check_sid($dbh=NULL) {
 			$q.= mysql_real_escape_string($_COOKIE["AURSID"]) . "'";
 			db_query($q, $dbh);
 
-			setcookie("AURSID", "", 1, "/");
+			setcookie("AURSID", "", 1, "/", null, !empty($_SERVER['HTTPS']), true);
 			unset($_COOKIE['AURSID']);
 		} else {
 			# still logged in and haven't reached the timeout, go ahead
-- 
cgit v1.2.3-24-g4f1b