tyler.durden/icingaweb2
1
0
Fork 0
mirror of https://github.com/Icinga/icingaweb2.git synced 2025-07-25 14:54:24 +02:00
Code Issues Packages Projects Releases Wiki Activity

Merge branch 'bugfix/session-cookie-11187'

Browse Source 
fixes #11187
This commit is contained in:
Eric Lippmann 2016-02-27 22:47:20 +01:00
commit 25f596969f
3 changed files with 18 additions and 4 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

2
library/Icinga/Application/Web.php
View File

@ -82,9 +82,9 @@ class Web extends EmbeddedWeb
->setupLogging() ->setupLogging()
->setupErrorHandling() ->setupErrorHandling()
->loadConfig() ->loadConfig()
->setupRequest()
->setupSession() ->setupSession()
->setupNotifications() ->setupNotifications()
->setupRequest()
->setupResponse() ->setupResponse()
->setupZendMvc() ->setupZendMvc()
->setupModuleManager() ->setupModuleManager()

9
library/Icinga/Web/Cookie.php
View File

@ -96,6 +96,9 @@ class Cookie
*/ */
public function getDomain() public function getDomain()
{ {
if ($this->domain === null) {
$this->domain = Config::app()->get('cookie', 'domain');
}
return $this->domain; return $this->domain;
} }
@ -182,9 +185,9 @@ class Cookie
if ($path === null) { if ($path === null) {
// The following call could be used as default for ConfigObject::get(), but we prevent unnecessary // The following call could be used as default for ConfigObject::get(), but we prevent unnecessary
// function calls here, if the path is set in the config // function calls here, if the path is set in the config
$path = Icinga::app()->getRequest()->getBaseUrl(); $path = Icinga::app()->getRequest()->getBaseUrl() . '/'; // Zend has rtrim($baseUrl, '/')
} }
return $path; $this->path = $path;
} }
return $this->path; return $this->path;
} }
@ -219,7 +222,7 @@ class Cookie
// function calls here, if the secure flag is set in the config // function calls here, if the secure flag is set in the config
$secure = Icinga::app()->getRequest()->isSecure(); $secure = Icinga::app()->getRequest()->isSecure();
} }
return $secure; $this->secure = $secure;
} }
return $this->secure; return $this->secure;
} }

11
library/Icinga/Web/Session/PhpSession.php
View File

@ -5,6 +5,7 @@ namespace Icinga\Web\Session;
use Icinga\Application\Logger; use Icinga\Application\Logger;
use Icinga\Exception\ConfigurationError; use Icinga\Exception\ConfigurationError;
use Icinga\Web\Cookie;
/** /**
* Session implementation in PHP * Session implementation in PHP
@ -102,11 +103,21 @@ class PhpSession extends Session
ini_set('session.cache_limiter', null); ini_set('session.cache_limiter', null);
} }
$cookie = new Cookie('bogus');
session_set_cookie_params(
0,
$cookie->getPath(),
$cookie->getDomain(),
$cookie->isSecure(),
true
);
session_start(); session_start();
if ($this->hasBeenTouched) { if ($this->hasBeenTouched) {
ini_set('session.use_cookies', true); ini_set('session.use_cookies', true);
ini_set('session.use_only_cookies', true); ini_set('session.use_only_cookies', true);
/** @noinspection PhpUndefinedVariableInspection */
ini_set('session.cache_limiter', $cacheLimiter); ini_set('session.cache_limiter', $cacheLimiter);
} }
} }