[interchange] Allow setting of 'HttpOnly' on cookies, using Pragma. Patch by Mike Heins.
Josh Lavin
interchange-cvs at icdevgroup.org
Mon Apr 1 16:12:20 UTC 2013
commit 8271890cd46b53545bdeb6b1c7473bb81e77928e
Author: Josh Lavin <josh at perusion.com>
Date: Mon Apr 1 09:10:37 2013 -0700
Allow setting of 'HttpOnly' on cookies, using Pragma. Patch by Mike Heins.
from: http://www.icdevgroup.org/pipermail/interchange-users/2011-February/052657.html
"Looks like it would be a good thing to do in some cases. However, if as
with more and more catalogs, you use Web 2.0 features that call the
database via IC, then you will potentially break those functions."
Set
Pragma set_httponly
in catalog.cfg and you would be good to go.
lib/Vend/Server.pm | 1 +
1 files changed, 1 insertions(+), 0 deletions(-)
---
diff --git a/lib/Vend/Server.pm b/lib/Vend/Server.pm
index 99132dc..3a8437e 100644
--- a/lib/Vend/Server.pm
+++ b/lib/Vend/Server.pm
@@ -561,6 +561,7 @@ sub create_cookie {
$out .= $expstring;
}
$out .= '; secure' if $secure;
+ $out .= '; HttpOnly' if $::Pragma->{set_httponly};
$out .= "\r\n";
}
return $out;
More information about the interchange-cvs
mailing list