WordPress.org

Make WordPress Core

Changeset 8808


Ignore:
Timestamp:
09/04/08 19:55:30 (6 years ago)
Author:
ryan
Message:

HttpOnly for PHP < 5.2. Props _ck_. see #7677

File:
1 edited

Legend:

Unmodified
Added
Removed
  • trunk/wp-includes/pluggable.php

    r8798 r8808  
    643643            setcookie(LOGGED_IN_COOKIE, $logged_in_cookie, $expire, SITECOOKIEPATH, COOKIE_DOMAIN, false, true); 
    644644    } else { 
    645         setcookie($auth_cookie_name, $auth_cookie, $expire, PLUGINS_COOKIE_PATH, COOKIE_DOMAIN, $secure); 
    646         setcookie($auth_cookie_name, $auth_cookie, $expire, ADMIN_COOKIE_PATH, COOKIE_DOMAIN, $secure); 
    647         setcookie(LOGGED_IN_COOKIE, $logged_in_cookie, $expire, COOKIEPATH, COOKIE_DOMAIN); 
     645        setcookie($auth_cookie_name, $auth_cookie, $expire, PLUGINS_COOKIE_PATH, COOKIE_DOMAIN . '; HttpOnly', $secure); 
     646        setcookie($auth_cookie_name, $auth_cookie, $expire, ADMIN_COOKIE_PATH, COOKIE_DOMAIN . '; HttpOnly', $secure); 
     647        setcookie(LOGGED_IN_COOKIE, $logged_in_cookie, $expire, COOKIEPATH, COOKIE_DOMAIN . '; HttpOnly'); 
    648648        if ( COOKIEPATH != SITECOOKIEPATH ) 
    649             setcookie(LOGGED_IN_COOKIE, $logged_in_cookie, $expire, SITECOOKIEPATH, COOKIE_DOMAIN);  
     649            setcookie(LOGGED_IN_COOKIE, $logged_in_cookie, $expire, SITECOOKIEPATH, COOKIE_DOMAIN . '; HttpOnly');   
    650650    } 
    651651} 
Note: See TracChangeset for help on using the changeset viewer.