diff options
author | Jaime Pérez <jaime.perez@uninett.no> | 2016-07-04 13:53:29 +0200 |
---|---|---|
committer | Jaime Pérez <jaime.perez@uninett.no> | 2016-07-04 13:53:29 +0200 |
commit | bcd0ae9bfc9aa6b01502bc029284841f2ee35061 (patch) | |
tree | 52c4a8c0ee7a0e2402266596b4a2c61d3f8b938d /lib/SimpleSAML | |
parent | 3ad8a9f2680d6d9cb561c90508ab8ae8bac3c227 (diff) | |
download | simplesamlphp-bcd0ae9bfc9aa6b01502bc029284841f2ee35061.zip simplesamlphp-bcd0ae9bfc9aa6b01502bc029284841f2ee35061.tar.gz simplesamlphp-bcd0ae9bfc9aa6b01502bc029284841f2ee35061.tar.bz2 |
bugfix: Do not set the auth token with the setCookie() method from the session handler.
Related to previous commits. The SimpleSAML_Session::updateSessionCookies() updates both the session cookie and the auth token. For the latter, it uses the setCookie() method from the session handler, while it should use the SimpleSAML\Utils\HTTP::setCookie() method instead.
Diffstat (limited to 'lib/SimpleSAML')
-rw-r--r-- | lib/SimpleSAML/Session.php | 2 |
1 files changed, 1 insertions, 1 deletions
diff --git a/lib/SimpleSAML/Session.php b/lib/SimpleSAML/Session.php index 5373158..b96ee69 100644 --- a/lib/SimpleSAML/Session.php +++ b/lib/SimpleSAML/Session.php @@ -676,7 +676,7 @@ class SimpleSAML_Session if ($this->authToken !== null) { $globalConfig = SimpleSAML_Configuration::getInstance(); - $sessionHandler->setCookie( + \SimpleSAML\Utils\HTTP::setCookie( $globalConfig->getString('session.authtoken.cookiename', 'SimpleSAMLAuthToken'), $this->authToken, $params |