diff options
| author | Pierre Schmitz <pierre@archlinux.de> | 2013-08-12 09:28:15 +0200 |
|---|---|---|
| committer | Pierre Schmitz <pierre@archlinux.de> | 2013-08-12 09:28:15 +0200 |
| commit | 08aa4418c30cfc18ccc69a0f0f9cb9e17be6c196 (patch) | |
| tree | 577a29fb579188d16003a209ce2a2e9c5b0aa2bd /includes/WebResponse.php | |
| parent | cacc939b34e315b85e2d72997811eb6677996cc1 (diff) | |
Update to MediaWiki 1.21.1
Diffstat (limited to 'includes/WebResponse.php')
| -rw-r--r-- | includes/WebResponse.php | 56 |
1 files changed, 36 insertions, 20 deletions
diff --git a/includes/WebResponse.php b/includes/WebResponse.php index 193101b1..8e15d712 100644 --- a/includes/WebResponse.php +++ b/includes/WebResponse.php @@ -30,8 +30,8 @@ class WebResponse { /** * Output a HTTP header, wrapper for PHP's * header() - * @param $string String: header to output - * @param $replace Bool: replace current similar header + * @param string $string header to output + * @param bool $replace replace current similar header * @param $http_response_code null|int Forces the HTTP response code to the specified value. */ public function header( $string, $replace = true, $http_response_code = null ) { @@ -40,15 +40,20 @@ class WebResponse { /** * Set the browser cookie - * @param $name String: name of cookie - * @param $value String: value to give cookie - * @param $expire Int: number of seconds til cookie expires - * @param $prefix String: Prefix to use, if not $wgCookiePrefix (use '' for no prefix) - * @param @domain String: Cookie domain to use, if not $wgCookieDomain + * @param string $name name of cookie + * @param string $value value to give cookie + * @param int $expire Unix timestamp (in seconds) when the cookie should expire. + * 0 (the default) causes it to expire $wgCookieExpiration seconds from now. + * @param string $prefix Prefix to use, if not $wgCookiePrefix (use '' for no prefix) + * @param string $domain Cookie domain to use, if not $wgCookieDomain + * @param $forceSecure Bool: + * true: force the cookie to be set with the secure attribute + * false: force the cookie to be set without the secure attribute + * null: use the value from $wgCookieSecure */ - public function setcookie( $name, $value, $expire = 0, $prefix = null, $domain = null ) { + public function setcookie( $name, $value, $expire = 0, $prefix = null, $domain = null, $forceSecure = null ) { global $wgCookiePath, $wgCookiePrefix, $wgCookieDomain; - global $wgCookieSecure,$wgCookieExpiration, $wgCookieHttpOnly; + global $wgCookieSecure, $wgCookieExpiration, $wgCookieHttpOnly; if ( $expire == 0 ) { $expire = time() + $wgCookieExpiration; } @@ -58,7 +63,18 @@ class WebResponse { if( $domain === null ) { $domain = $wgCookieDomain; } - $httpOnlySafe = wfHttpOnlySafe() && $wgCookieHttpOnly; + + if ( is_null( $forceSecure ) ) { + $secureCookie = $wgCookieSecure; + } else { + $secureCookie = $forceSecure; + } + + // Mark the cookie as httpOnly if $wgCookieHttpOnly is true, + // unless the requesting user-agent is known to have trouble with + // httpOnly cookies. + $httpOnlySafe = $wgCookieHttpOnly && wfHttpOnlySafe(); + wfDebugLog( 'cookie', 'setcookie: "' . implode( '", "', array( @@ -67,14 +83,14 @@ class WebResponse { $expire, $wgCookiePath, $domain, - $wgCookieSecure, + $secureCookie, $httpOnlySafe ) ) . '"' ); setcookie( $prefix . $name, $value, $expire, $wgCookiePath, $domain, - $wgCookieSecure, + $secureCookie, $httpOnlySafe ); } } @@ -89,8 +105,8 @@ class FauxResponse extends WebResponse { /** * Stores a HTTP header - * @param $string String: header to output - * @param $replace Bool: replace current similar header + * @param string $string header to output + * @param bool $replace replace current similar header * @param $http_response_code null|int Forces the HTTP response code to the specified value. */ public function header( $string, $replace = true, $http_response_code = null ) { @@ -133,14 +149,14 @@ class FauxResponse extends WebResponse { /** * @todo document. It just ignore optional parameters. * - * @param $name String: name of cookie - * @param $value String: value to give cookie - * @param $expire Int: number of seconds til cookie expires (Default: 0) + * @param string $name name of cookie + * @param string $value value to give cookie + * @param int $expire number of seconds til cookie expires (Default: 0) * @param $prefix TODO DOCUMENT (Default: null) * @param $domain TODO DOCUMENT (Default: null) - * + * @param $forceSecure TODO DOCUMENT (Default: null) */ - public function setcookie( $name, $value, $expire = 0, $prefix = null, $domain = null ) { + public function setcookie( $name, $value, $expire = 0, $prefix = null, $domain = null, $forceSecure = null ) { $this->cookies[$name] = $value; } @@ -148,7 +164,7 @@ class FauxResponse extends WebResponse { * @param $name string * @return string */ - public function getcookie( $name ) { + public function getcookie( $name ) { if ( isset( $this->cookies[$name] ) ) { return $this->cookies[$name]; } |