summaryrefslogtreecommitdiffstats
path: root/user_guide_src/source
diff options
context:
space:
mode:
authorPascal Kriete <pascal@pascalkriete.com>2012-10-16 17:54:49 +0200
committerPascal Kriete <pascal@pascalkriete.com>2012-10-16 17:54:49 +0200
commitf69f0e8f02815d44e218b013c8da92cebabbdcb1 (patch)
treee26882361d218b442dced3bf9b9edd425aefae7c /user_guide_src/source
parent2220fbe70503dd6d7ff9b2a57b84685955e815ab (diff)
Updating the cookie driver to use HMAC authentication on all cookie data.
Signed-off-by: Pascal Kriete <pascal@pascalkriete.com>
Diffstat (limited to 'user_guide_src/source')
-rw-r--r--user_guide_src/source/changelog.rst2
1 files changed, 2 insertions, 0 deletions
diff --git a/user_guide_src/source/changelog.rst b/user_guide_src/source/changelog.rst
index 811aa8faf..165ff8ca0 100644
--- a/user_guide_src/source/changelog.rst
+++ b/user_guide_src/source/changelog.rst
@@ -159,6 +159,8 @@ Release Date: Not Released
- New tempdata feature allows setting user data items with an expiration time.
- Added default $config['sess_driver'] and $config['sess_valid_drivers'] items to config.php file.
- Cookie driver now respects php.ini's session.gc_probability and session.gc_divisor
+ - The Cookie driver now uses HMAC authentication instead of the simple md5 checksum.
+ - The Cookie driver now also checks authentication on encrypted session data.
- Changed the Cookie driver to select only one row when using database sessions.
- Cookie driver now only writes to database at end of request when using database.
- Cookie driver now uses PHP functions for faster array manipulation when using database.