Set secure cookie attributes

Daniel Winzen
2020-10-16 11:11:11 +02:00
parent 0e221ecadf
commit 9f5c519652


@ -51,7 +51,7 @@ $L=[
if(isSet($_REQUEST['lang']) && isSet($L[$_REQUEST['lang']])){ if(isSet($_REQUEST['lang']) && isSet($L[$_REQUEST['lang']])){
$language=$_REQUEST['lang']; $language=$_REQUEST['lang'];
if(!isSet($_COOKIE['language']) || $_COOKIE['language']!==$language){ if(!isSet($_COOKIE['language']) || $_COOKIE['language']!==$language){
setcookie('language', $language); set_secure_cookie('language', $language);
} }
}elseif(isSet($_COOKIE['language']) && isSet($L[$_COOKIE['language']])){ }elseif(isSet($_COOKIE['language']) && isSet($L[$_COOKIE['language']])){
$language=$_COOKIE['language']; $language=$_COOKIE['language'];
@ -131,3 +131,24 @@ function send_headers(array $styles = []){
exit; // headers sent, no further processing needed exit; // headers sent, no further processing needed
} }
} }
function set_secure_cookie($name, $value){
if (version_compare(PHP_VERSION, '7.3.0') >= 0) {
setcookie($name, $value, ['expires' => 0, 'path' => '/', 'domain' => '', 'secure' => is_definitely_ssl(), 'httponly' => true, 'samesite' => 'Strict']);
}else{
setcookie($name, $value, 0, '/', '', is_definitely_ssl(), true);
}
}
function is_definitely_ssl() {
if (!empty($_SERVER['HTTPS']) && $_SERVER['HTTPS'] !== 'off') {
return true;
}
if (isset($_SERVER['SERVER_PORT']) && ('443' == $_SERVER['SERVER_PORT'])) {
return true;
}
if (isset($_SERVER['HTTP_X_FORWARDED_PROTO']) && ('https' === $_SERVER['HTTP_X_FORWARDED_PROTO'])) {
return true;
}
return false;
}
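Review bot: In `set_secure_cookie()` the pre-7.3 branch drops SameSite without any notice, so on older PHP the cookie is sent without the attribute that the 7.3+ branch sets. A commonly used workaround there is to carry it in the path argument, `setcookie($name, $value, 0, '/; samesite=Strict', '', is_definitely_ssl(), true);`. Separately, `is_definitely_ssl()` reads `HTTP_X_FORWARDED_PROTO`, a request header that any client can supply unless a trusted reverse proxy overwrites it. The Secure flag also falls back to false whenever none of the three signals is present, for example behind a TLS-terminating proxy that does not forward the scheme. Both functions are undocumented; a short docblock on `is_definitely_ssl()` stating that the forwarded header is only meaningful behind a proxy that sets it, and that a false result means the cookie is issued without Secure, would make that trade-off visible to whoever reuses the helper for more sensitive cookies.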