Home Explore Help
Sign In
mirrors
/
mailcow-dockerized
mirror of https://github.com/mailcow/mailcow-dockerized
2
0
Fork 0
Files Issues 0 Wiki
Browse Source

Fix bug: Session cookie domain

If the web domain is != mail domain, the session cookie is set to the wrong domain.
Dennis Neufeld 8 years ago
parent
53d02ded2a
commit
0d3d9b8c15
1 changed files with 1 additions and 1 deletions
Split View Show Diff Stats
  1. 1 1
      data/web/inc/sessions.inc.php

+ 1 - 1
data/web/inc/sessions.inc.php
View File 

@@ -13,7 +13,7 @@ elseif (isset($_SERVER['HTTPS'])) {
 
 else {

   $IS_HTTPS = false;

 }

-session_set_cookie_params($GLOBALS['SESSION_LIFETIME'], '/', $_SERVER['SERVER_NAME'], $IS_HTTPS, true);

+session_set_cookie_params($GLOBALS['SESSION_LIFETIME'], '/', '', $IS_HTTPS, true);

 session_start();

 if (!isset($_SESSION['CSRF']['TOKEN'])) {

   $_SESSION['CSRF']['TOKEN'] = bin2hex(random_bytes(32));