Support of secured cookies

[JochenS]

On a HTTPS connection the cookies should be stored with the parameter

• secure = true
• http only =true

See forum: http://forum.phpmyfaq.de/viewtopic.php?f=7&t=40786

[thorsten]

Fixed with c420e7d

[JochenS]

Hi Thorsten, Ist '.$_SERVER['HTTP_HOST da richtig? Das hatte ich mir zuerst auch überlegt. Aber das hier hat mich stutzig gemacht: https://expressionengine.com/blog/http-host-and-server-name-security-issues Wäre es nicht besser den string aus den Einstellungen zu laden? Danke! Jochen Steinhilber Technical Assistance Center Europe http://web.ge51.honeywell.de/tac/ From: Thorsten Rinne [mailto:notifications@github.com] Sent: Mittwoch, 9. August 2017 09:29 To: thorsten/phpMyFAQ <phpMyFAQ@noreply.github.com> Cc: Steinhilber, Jochen <Jochen.Steinhilber@honeywell.com>; Author <author@noreply.github.com> Subject: Re: [thorsten/phpMyFAQ] Support of secured cookies (#1349) Fixed with c420e7d<https://na01.safelinks.protection.outlook.com/?url=https%3A%2F%2Fgithub.com%2Fthorsten%2FphpMyFAQ%2Fcommit%2Fc420e7dc68e8755d38921f63fc075a552e13d30f&data=02%7C01%7Cjochen.steinhilber%40honeywell.com%7Cff10da007bd24ef0d93108d4def85f4f%7C96ece5269c7d48b08daf8b93c90a5d18%7C0%7C0%7C636378605727120783&sdata=hnBdYFEnCjt9wxGpYPSBrop0gecUTggKC5EPoYLXcjU%3D&reserved=0> — You are receiving this because you authored the thread. Reply to this email directly, view it on GitHub<https://na01.safelinks.protection.outlook.com/?url=https%3A%2F%2Fgithub.com%2Fthorsten%2FphpMyFAQ%2Fissues%2F1349%23issuecomment-321176511&data=02%7C01%7Cjochen.steinhilber%40honeywell.com%7Cff10da007bd24ef0d93108d4def85f4f%7C96ece5269c7d48b08daf8b93c90a5d18%7C0%7C0%7C636378605727120783&sdata=xWk0MpsDCjRBcBUfai%2FRwk21Yq1Tmak0LKAKAjwgpc4%3D&reserved=0>, or mute the thread<https://na01.safelinks.protection.outlook.com/?url=https%3A%2F%2Fgithub.com%2Fnotifications%2Funsubscribe-auth%2FAAngZKfhtYIXP1p7LR93TRHeZhPmeOmWks5sWV_YgaJpZM4OxomA&data=02%7C01%7Cjochen.steinhilber%40honeywell.com%7Cff10da007bd24ef0d93108d4def85f4f%7C96ece5269c7d48b08daf8b93c90a5d18%7C0%7C0%7C636378605727120783&sdata=Zd3qv7H1RNyGw9wBPsqLGo6bwdWkPpmckVCC6Fcylpc%3D&reserved=0>.

[thorsten]

Würde auch gehen, ist wohl auch besser die Idee...