Merge pull request #2754 from owncloud/cookie-path
Just send the cookies in the ownCloud directory
This commit is contained in:
commit
6fc0319e1b
|
@ -323,6 +323,9 @@ class OC {
|
|||
// prevents javascript from accessing php session cookies
|
||||
ini_set('session.cookie_httponly', '1;');
|
||||
|
||||
// set the cookie path to the ownCloud directory
|
||||
ini_set('session.cookie_path', OC::$WEBROOT);
|
||||
|
||||
// set the session name to the instance id - which is unique
|
||||
session_name(OC_Util::getInstanceId());
|
||||
|
||||
|
@ -354,7 +357,7 @@ class OC {
|
|||
// session timeout
|
||||
if (isset($_SESSION['LAST_ACTIVITY']) && (time() - $_SESSION['LAST_ACTIVITY'] > 60*60*24)) {
|
||||
if (isset($_COOKIE[session_name()])) {
|
||||
setcookie(session_name(), '', time() - 42000, '/');
|
||||
setcookie(session_name(), '', time() - 42000, OC::$WEBROOT);
|
||||
}
|
||||
session_unset();
|
||||
session_destroy();
|
||||
|
|
|
@ -633,9 +633,9 @@ class OC_User {
|
|||
public static function setMagicInCookie($username, $token) {
|
||||
$secure_cookie = OC_Config::getValue("forcessl", false);
|
||||
$expires = time() + OC_Config::getValue('remember_login_cookie_lifetime', 60*60*24*15);
|
||||
setcookie("oc_username", $username, $expires, '', '', $secure_cookie);
|
||||
setcookie("oc_token", $token, $expires, '', '', $secure_cookie, true);
|
||||
setcookie("oc_remember_login", true, $expires, '', '', $secure_cookie);
|
||||
setcookie("oc_username", $username, $expires, OC::$WEBROOT, '', $secure_cookie);
|
||||
setcookie("oc_token", $token, $expires, OC::$WEBROOT, '', $secure_cookie, true);
|
||||
setcookie("oc_remember_login", true, $expires, OC::$WEBROOT, '', $secure_cookie);
|
||||
}
|
||||
|
||||
/**
|
||||
|
|
Loading…
Reference in New Issue