Set cookies HttpOnly.
authorJoey Hess <joey@kodama.kitenet.net>
Thu, 28 Aug 2008 20:09:58 +0000 (16:09 -0400)
committerJoey Hess <joey@kodama.kitenet.net>
Thu, 28 Aug 2008 20:09:58 +0000 (16:09 -0400)
IkiWiki/CGI.pm
debian/changelog

index a050434782c6445d8cb9d05738305bee3ea5833e..6f5d8aee65d2a8b20333be29fba60df15786f569 100644 (file)
@@ -14,9 +14,10 @@ sub printheader ($) { #{{{
        
        if ($config{sslcookie}) {
                print $session->header(-charset => 'utf-8',
-                       -cookie => $session->cookie(-secure => 1));
+                       -cookie => $session->cookie(-httponly => 1, -secure => 1));
        } else {
-               print $session->header(-charset => 'utf-8');
+               print $session->header(-charset => 'utf-8',
+                       -cookie => $session->cookie(-httponly => 1));
        }
 } #}}}
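Review bot: The two branches of printheader now build the session cookie separately and differ only in `-secure => 1`, so a later attribute change can land in one branch and miss the other. Building the attribute list once keeps HttpOnly unconditional: `my @attrs = (-httponly => 1, $config{sslcookie} ? (-secure => 1) : ());` followed by a single `print $session->header(-charset => 'utf-8', -cookie => $session->cookie(@attrs));`. A comment above it would record the intent, e.g. `# HttpOnly keeps page scripts from reading the session cookie; it does not protect it in transit, only the Secure flag set under sslcookie does.` Whether `-httponly` takes effect presumably depends on the installed CGI.pm recognising that option, which nothing in this hunk checks, so the minimum version is worth noting in the changelog or dependencies. The opening lines of printheader lie outside the hunk.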
 
index bd8d8d743400de52d6e9227ce476baa88b058157..21fdfea9d8525c85a55900dc5005ee68171757a8 100644 (file)
@@ -1,3 +1,9 @@
+ikiwiki (2.62.2) UNRELEASED; urgency=low
+
+  * Set cookies HttpOnly.
+
+ -- Joey Hess <joeyh@debian.org>  Thu, 28 Aug 2008 16:08:18 -0400
+
 ikiwiki (2.62.1) unstable; urgency=low
 
   * filecheck: Fixed two bits broken in move from attachment.