diff options
author | freewil <sean@eternalrise.com> | 2012-03-14 03:37:42 +0100 |
---|---|---|
committer | freewil <sean@eternalrise.com> | 2012-03-18 19:32:17 +0100 |
commit | 4ad0fd86e8dc6dba74305dbb0c88c593b46a19a2 (patch) | |
tree | ce86c3c8958b2df033c873386f6f8261bc40b0eb /system/libraries/Session.php | |
parent | e464b39b8594ef317cf5b47b4e130ee9f63e7bd5 (diff) |
add support for httponly cookies
Diffstat (limited to 'system/libraries/Session.php')
-rw-r--r-- | system/libraries/Session.php | 18 |
1 files changed, 10 insertions, 8 deletions
diff --git a/system/libraries/Session.php b/system/libraries/Session.php index 0b9d45b2a..0c8d46591 100644 --- a/system/libraries/Session.php +++ b/system/libraries/Session.php @@ -48,6 +48,7 @@ class CI_Session { public $cookie_path = ''; public $cookie_domain = ''; public $cookie_secure = FALSE; + public $cookie_httponly = FALSE; public $sess_time_to_update = 300; public $encryption_key = ''; public $flashdata_key = 'flash'; @@ -72,7 +73,7 @@ class CI_Session { // Set all the session preferences, which can either be set // manually via the $params array above or via the config file - foreach (array('sess_encrypt_cookie', 'sess_use_database', 'sess_table_name', 'sess_expiration', 'sess_expire_on_close', 'sess_match_ip', 'sess_match_useragent', 'sess_cookie_name', 'cookie_path', 'cookie_domain', 'cookie_secure', 'sess_time_to_update', 'time_reference', 'cookie_prefix', 'encryption_key') as $key) + foreach (array('sess_encrypt_cookie', 'sess_use_database', 'sess_table_name', 'sess_expiration', 'sess_expire_on_close', 'sess_match_ip', 'sess_match_useragent', 'sess_cookie_name', 'cookie_path', 'cookie_domain', 'cookie_secure', 'cookie_httponly', 'sess_time_to_update', 'time_reference', 'cookie_prefix', 'encryption_key') as $key) { $this->$key = (isset($params[$key])) ? $params[$key] : $this->CI->config->item($key); } @@ -666,13 +667,14 @@ class CI_Session { // Set the cookie setcookie( - $this->sess_cookie_name, - $cookie_data, - $expire, - $this->cookie_path, - $this->cookie_domain, - $this->cookie_secure - ); + $this->sess_cookie_name, + $cookie_data, + $expire, + $this->cookie_path, + $this->cookie_domain, + $this->cookie_secure, + $this->cookie_httponly + ); } // -------------------------------------------------------------------- |