Fix path, secure flag and domain of session cookies

refs #11187
This commit is contained in:
Eric Lippmann 2016-02-27 22:24:01 +01:00
parent 5f642879c7
commit 5f43ac8f26
1 changed files with 11 additions and 0 deletions

View File

@ -5,6 +5,7 @@ namespace Icinga\Web\Session;
use Icinga\Application\Logger;
use Icinga\Exception\ConfigurationError;
use Icinga\Web\Cookie;
/**
* Session implementation in PHP
@ -102,11 +103,21 @@ class PhpSession extends Session
ini_set('session.cache_limiter', null);
}
$cookie = new Cookie('bogus');
session_set_cookie_params(
0,
$cookie->getPath(),
$cookie->getDomain(),
$cookie->isSecure(),
true
);
session_start();
if ($this->hasBeenTouched) {
ini_set('session.use_cookies', true);
ini_set('session.use_only_cookies', true);
/** @noinspection PhpUndefinedVariableInspection */
ini_set('session.cache_limiter', $cacheLimiter);
}
}