actually enable secure cookies

Alex Grintsvayg 2016-07-28 15:59:47 -04:00
parent 030a953073
commit 69ce230107


@ -18,10 +18,15 @@ class Session
public static function init()
{
session_start([
'cookie_secure' => IS_PRODUCTION, // cookie over ssl only
'cookie_httponly' => true, // no js access
]);
ini_set('session.cookie_secure', IS_PRODUCTION); // send cookie over ssl only
ini_set('session.cookie_httponly', true); // no js access to cookies
session_start();
if (!static::get('secure_and_httponly_set'))
{
session_regenerate_id(); // ensure that old cookies get new settings
}
static::set('secure_and_httponly_set', true);
}
public static function get($key, $default = null)
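Review bot: `session_regenerate_id()` in `init()` is called without its delete-old-session argument, so the session stored under the previous ID stays on the server until garbage collection, and a cookie issued before the Secure/HttpOnly flags applied still opens it. Since the regeneration is there to retire those older cookies, pass the flag: `session_regenerate_id(true); // drop the old session so the pre-flag ID stops working`. The two `ini_set()` calls also discard their return value; if either returns `false` (for example because a session is already active), the flags are silently not applied, so a check such as `if (ini_set('session.cookie_secure', IS_PRODUCTION) === false) { /* log or throw */ }` would make that visible. The +/- markers are lost on this page, so which lines are new is inferred from the hunk header.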