add cookie secure parameter to cookies set by javascript

df5d307e · Gerrit Uitslag · 75e4dd8a · df5d307e · df5d307e
Commit df5d307e authored 11 years ago by Gerrit Uitslag
--- a/lib/exe/js.php
+++ b/lib/exe/js.php
@@ -86,16 +86,20 @@ function js_out(){
    // start output buffering and build the script
    ob_start();
+    $json = new JSON();
    // add some global variables
    print "var DOKU_BASE   = '".DOKU_BASE."';";
    print "var DOKU_TPL    = '".tpl_basedir()."';";
-    print "var DOKU_COOKIEPATH = '" . (empty($conf['cookiedir']) ? DOKU_REL : $conf['cookiedir']) . "';";
+    print "var DOKU_COOKIE_PARAM = " . $json->encode(
+            array(
+                 'path' => empty($conf['cookiedir']) ? DOKU_REL : $conf['cookiedir'],
+                 'secure' => $conf['securecookie'] && is_ssl()
+            )).";";
    // FIXME: Move those to JSINFO
    print "var DOKU_UHN    = ".((int) useHeading('navigation')).";";
    print "var DOKU_UHC    = ".((int) useHeading('content')).";";
    // load JS specific translations
-    $json = new JSON();
    $lang['js']['plugins'] = js_pluginstrings();
    $templatestrings = js_templatestrings();
    if(!empty($templatestrings)) {

--- a/lib/scripts/cookie.js
+++ b/lib/scripts/cookie.js
@@ -30,7 +30,7 @@ var DokuCookie = {
                text.push(encodeURIComponent(key)+'#'+encodeURIComponent(val));
            }
        });
-        jQuery.cookie(this.name, text.join('#'), {expires: 365, path: DOKU_COOKIEPATH});
+        jQuery.cookie(this.name, text.join('#'), {expires: 365, path: DOKU_COOKIE_PARAM.path, secure: DOKU_COOKIE_PARAM.secure});
    },
    /**