AS1024/itflow
1
0
Fork 0
mirror of https://github.com/itflow-org/itflow synced 2026-03-11 08:14:52 +00:00
Code Issues Packages Projects Releases Wiki Activity

Small change re https

Browse Source
This commit is contained in:
Marcus Hill
2022-01-11 20:14:29 +00:00
parent 2742410e4b
commit 0382dbbfb2
1 changed files with 4 additions and 3 deletions
Download Patch File Download Diff File Expand all files Collapse all files

7
functions.php
View File

@@ -368,12 +368,13 @@ function generateUserSessionKey($site_encryption_master_key){
$_SESSION['user_encryption_session_iv'] = $user_encryption_session_iv; $_SESSION['user_encryption_session_iv'] = $user_encryption_session_iv;
//Give the user "their" key as a cookie //Give the user "their" key as a cookie
//By default, this should be HTTPS but we can change to HTTP for development via the config.php file
if($config_https_only){ if($config_https_only){
setcookie("user_encryption_session_key", $user_encryption_session_key, 0, "/", "", "true", "true"); setcookie("user_encryption_session_key", $user_encryption_session_key, 0, "/", "", "true", "true");
} }
else { else{
// No secure flag setcookie("user_encryption_session_key", $user_encryption_session_key, 0, "/");
setcookie("user_encryption_session_key", $user_encryption_session_key, 0, "/", "", "false", "true"); $_SESSION['alert_message'] = "Unencrypted connection: Using HTTP only.";
} }
} }