From 2700d73e972eb2379d44a9bc0b198c8cdf7d06af Mon Sep 17 00:00:00 2001
From: Ingo Schommer
Date: Thu, 10 Sep 2009 03:23:31 +0000
Subject: [PATCH] ENHANCEMENT Limiting "alc_enc" cookie (remember login token) to httpOnly to reduce risk of information exposure through XSS
git-svn-id: svn://svn.silverstripe.com/silverstripe/open/modules/sapphire/trunk@86027 467b73ca-7a2a-4603-9d3b-597d59a354a9
---
security/Member.php | 5 +++--
1 file changed, 3 insertions(+), 2 deletions(-)
diff --git a/security/Member.php b/security/Member.php
index 7ddd38850..72e618fd9 100644
--- a/security/Member.php
+++ b/security/Member.php
@@ -217,7 +217,8 @@ class Member extends DataObject {
 if($remember) {
 $token = substr(md5(uniqid(rand(), true)), 0, 49 - strlen($this->ID));
 $this->RememberLoginToken = $token;
- Cookie::set('alc_enc', $this->ID . ':' . $token);
+ // Set cookie (with HTTPOnly flag if running on PHP 5.2 or newer)
+ Cookie::set('alc_enc', $this->ID . ':' . $token, 90, null, null, null, true);
 } else {
 $this->RememberLoginToken = null;
 Cookie::set('alc_enc', null);
@@ -284,7 +285,7 @@ class Member extends DataObject {
 $token = substr(md5(uniqid(rand(), true)), 0, 49 - strlen($member->ID));
 $member->RememberLoginToken = $token;
- Cookie::set('alc_enc', $member->ID . ':' . $token);
+ Cookie::set('alc_enc', $member->ID . ':' . $token, 90, null, null, null, true);
 $member->NumVisit++;
 $member->write();
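Review bot: The new `Cookie::set` call in the `$remember` branch passes `null` in the argument position directly before the `true` httpOnly flag, which by its position is presumably the secure flag, so the remember-me cookie is still transmitted over plain HTTP even when the site is served over HTTPS, and httpOnly alone does nothing against capture on the wire. On HTTPS-only deployments the call should be `Cookie::set('alc_enc', $this->ID . ':' . $token, 90, null, null, true, true);`, or the secure argument should be derived from whether the current request arrived over HTTPS rather than left unset. Separately, the surrounding context shows the token is built from `md5(uniqid(rand(), true))`, which is not a cryptographic random source, and `$this->RememberLoginToken = $token;` persists it unhashed, so a database read or a guessable seed yields a token that is equivalent to a login; both predate this change but deserve a follow-up. The enclosing method starts before the hunk.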