author | robocoder <anthon.pang@gmail.com> | 2010-11-03 05:23:48 +0300 |
---|---|---|
committer | robocoder <anthon.pang@gmail.com> | 2010-11-03 05:23:48 +0300 |
commit | c505b83252f31a7b31af595b933761bcf29c7276 (patch) | |
tree | a06795118242aa0953c5937f2c36ad9011a70111 /core/Cookie.php | |
parent | 84f8acc5ae1434a59417da0a3266249d4ecc8aff (diff) |
fixes #1795 - set secure flag in login cookie when https (or reverse proxy)
git-svn-id: http://dev.piwik.org/svn/trunk@3286 59fd770c-687e-43c8-a1e3-f5a4ff64c105
Diffstat (limited to 'core/Cookie.php')
-rw-r--r-- | core/Cookie.php | 55 |
1 files changed, 53 insertions, 2 deletions
diff --git a/core/Cookie.php b/core/Cookie.php
index 98a055a6d1..94ee0358cc 100644
--- a/core/Cookie.php
+++ b/core/Cookie.php
@@ -34,7 +34,28 @@ class Piwik_Cookie
 * The expire time for the cookie (expressed in UNIX Timestamp)
 */
 protected $expire = null;
-
+
+ /**
+ * Restrict cookie path
+ */
+ protected $path = '';
+
+ /**
+ * Restrict cookie to a domain (or subdomains)
+ */
+ protected $domain = '';
+
+ /**
+ * If true, cookie should only be transmitted over secure HTTPS
+ */
+ protected $secure = false;
+
+ /**
+ * If true, cookie will only be made available via the HTTP protocol.
+ * Note: not well supported by browsers.
+ */
+ protected $httponly = false;
+
 /**
 * The content of the cookie
 */
@@ -158,7 +179,7 @@ class Piwik_Cookie
 }
 $this->setP3PHeader();
- $this->setCookie( $this->name, $cookieString, $this->expire, $this->path);
+ $this->setCookie($this->name, $cookieString, $this->expire, $this->path, $this->domain, $this->secure, $this->httponly);
 }
 /**
@@ -247,6 +268,36 @@ class Piwik_Cookie
 return '';
 }
+
+ /**
+ * Set cookie domain
+ *
+ * @param string $domain
+ */
+ public function setDomain($domain)
+ {
+ $this->domain = $domain;
+ }
+
+ /**
+ * Set secure flag
+ *
+ * @param bool $secure
+ */
+ public function setSecure($secure)
+ {
+ $this->secure = $secure;
+ }
+
+ /**
+ * Set HTTP only
+ *
+ * @param bool $httponly
+ */
+ public function setHttpOnly($httponly)
+ {
+ $this->httponly = $httponly;
+ }
 /**
 * Registers a new name => value association in the cookie. |
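Review bot: The docblock added for `$httponly` ("Note: not well supported by browsers.") reads as a reason to leave the flag off, and the property defaults to `false`. A user agent that does not implement HttpOnly simply ignores the attribute, and where it is honoured the cookie is no longer readable through `document.cookie`, so the note understates the benefit. I would reword it to `* Note: browsers without HttpOnly support ignore the attribute; enable it for any cookie that page scripts do not need to read.` Whether the default itself can become `true` depends on callers outside this file's diff, so that is only something to check.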
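Review bot: The rewritten `$this->setCookie(...)` call forwards `$this->secure` and `$this->httponly` exactly as stored, and both default to `false` in the first hunk, so a cookie written by any caller that never calls `setSecure()` still goes out without the Secure attribute on an HTTPS site. The callers are not visible here (the diffstat is limited to core/Cookie.php), so the login cookie named in the commit message may already be covered. A comment above the call would make the contract explicit: `// Secure/HttpOnly are sent only if setSecure()/setHttpOnly() were called before this point`. The enclosing method starts and ends outside the hunk.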
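Review bot: `setSecure()` and `setHttpOnly()` store their argument unchanged although the docblocks declare `bool`, so a non-boolean value would be handed straight to the cookie call. Normalising at the boundary keeps the stored flags real booleans: `$this->secure = (bool) $secure;` and `$this->httponly = (bool) $httponly;`. A cast does not turn a string such as 'off' into false, so the docblock should also say that the caller decides whether the request is HTTPS and passes a boolean. `setDomain()` likewise stores its value unchecked; its docblock could state that the domain is expected to come from configuration rather than from request data.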