Skip to content
Browse files

Add httponly parameter to setcookie function for better xss attack pr…

…otection
  • Loading branch information...
1 parent fae6504 commit 7f9ffb9e6ccc6a6305c0f755f94c51a1943b1aae @acidvertigo acidvertigo committed
Showing with 2 additions and 2 deletions.
  1. +2 −2 catalog/includes/functions/general.php
View
4 catalog/includes/functions/general.php
@@ -1252,8 +1252,8 @@ function tep_rand($min = null, $max = null) {
}
}
- function tep_setcookie($name, $value = '', $expire = 0, $path = '/', $domain = '', $secure = 0) {
- setcookie($name, $value, $expire, $path, (tep_not_null($domain) ? $domain : ''), $secure);
+ function tep_setcookie($name, $value = '', $expire = 0, $path = '/', $domain = '', $secure = 0, $httponly = true) {
+ setcookie($name, $value, $expire, $path, (tep_not_null($domain) ? $domain : ''), $secure, $httponly);
}
function tep_validate_ip_address($ip_address) {

0 comments on commit 7f9ffb9

Please sign in to comment.
Something went wrong with that request. Please try again.