diff options
Diffstat (limited to 'Bugzilla/Auth')
| -rw-r--r-- | Bugzilla/Auth/Persist/Cookie.pm | 9 |
1 files changed, 6 insertions, 3 deletions
diff --git a/Bugzilla/Auth/Persist/Cookie.pm b/Bugzilla/Auth/Persist/Cookie.pm index 3faa892ae..4928068e5 100644 --- a/Bugzilla/Auth/Persist/Cookie.pm +++ b/Bugzilla/Auth/Persist/Cookie.pm @@ -76,17 +76,20 @@ sub persist_login { { $cgi->send_cookie(-name => 'Bugzilla_login', -value => $user->id, + -httponly => 1, -expires => 'Fri, 01-Jan-2038 00:00:00 GMT'); $cgi->send_cookie(-name => 'Bugzilla_logincookie', -value => $login_cookie, + -httponly => 1, -expires => 'Fri, 01-Jan-2038 00:00:00 GMT'); - } else { $cgi->send_cookie(-name => 'Bugzilla_login', - -value => $user->id); + -value => $user->id, + -httponly => 1); $cgi->send_cookie(-name => 'Bugzilla_logincookie', - -value => $login_cookie); + -value => $login_cookie, + -httponly => 1); } } |