diff options
| author | Lukas Reschke <lukas@statuscode.ch> | 2012-10-16 15:58:17 +0400 |
|---|---|---|
| committer | Lukas Reschke <lukas@statuscode.ch> | 2012-10-16 15:58:17 +0400 |
| commit | 6c22983f62caea05608bd4e7bcba2313b0c3a4a4 (patch) | |
| tree | cec5243db4043b7caf6cbc9f12c3b79e7c00bbd8 | |
| parent | 3ca5c71a0bbc330241a9b031c607aa81042fffa5 (diff) | |
Set oc_token to httponly
| -rw-r--r-- | lib/user.php | 2 |
1 files changed, 1 insertions, 1 deletions
diff --git a/lib/user.php b/lib/user.php index 9e0e82e79fe..ca8b985cee4 100644 --- a/lib/user.php +++ b/lib/user.php @@ -369,7 +369,7 @@ class OC_User { public static function setMagicInCookie($username, $token){ $secure_cookie = OC_Config::getValue("forcessl", false); setcookie("oc_username", $username, time()+60*60*24*15, '', '', $secure_cookie); - setcookie("oc_token", $token, time()+60*60*24*15, '', '', $secure_cookie); + setcookie("oc_token", $token, time()+60*60*24*15, '', '', $secure_cookie, true); setcookie("oc_remember_login", true, time()+60*60*24*15, '', '', $secure_cookie); } |