From: Joey Hess Date: Thu, 28 Aug 2008 20:09:58 +0000 (-0400) Subject: Set cookies HttpOnly. X-Git-Tag: 2.63~58 X-Git-Url: http://git.vanrenterghem.biz/git.ikiwiki.info.git/commitdiff_plain/2a29641097d6f42b94953a4328a29898662625c8 Set cookies HttpOnly. --- diff --git a/IkiWiki/CGI.pm b/IkiWiki/CGI.pm index a05043478..6f5d8aee6 100644 --- a/IkiWiki/CGI.pm +++ b/IkiWiki/CGI.pm @@ -14,9 +14,10 @@ sub printheader ($) { #{{{ if ($config{sslcookie}) { print $session->header(-charset => 'utf-8', - -cookie => $session->cookie(-secure => 1)); + -cookie => $session->cookie(-httponly => 1, -secure => 1)); } else { - print $session->header(-charset => 'utf-8'); + print $session->header(-charset => 'utf-8', + -cookie => $session->cookie(-httponly => 1)); } } #}}} diff --git a/debian/changelog b/debian/changelog index bd8d8d743..21fdfea9d 100644 --- a/debian/changelog +++ b/debian/changelog @@ -1,3 +1,9 @@ +ikiwiki (2.62.2) UNRELEASED; urgency=low + + * Set cookies HttpOnly. + + -- Joey Hess Thu, 28 Aug 2008 16:08:18 -0400 + ikiwiki (2.62.1) unstable; urgency=low * filecheck: Fixed two bits broken in move from attachment.