Set oc_token to httponly

This commit is contained in:
Lukas Reschke 2012-10-16 13:58:00 +02:00
parent f06467b95b
commit 50684a5a34
1 changed files with 1 additions and 1 deletions

View File

@ -473,7 +473,7 @@ class OC_User {
public static function setMagicInCookie($username, $token) {
$secure_cookie = OC_Config::getValue("forcessl", false);
setcookie("oc_username", $username, time()+60*60*24*15, '', '', $secure_cookie);
setcookie("oc_token", $token, time()+60*60*24*15, '', '', $secure_cookie);
setcookie("oc_token", $token, time()+60*60*24*15, '', '', $secure_cookie, true);
setcookie("oc_remember_login", true, time()+60*60*24*15, '', '', $secure_cookie);
}