From ebd8bd55b2a1cf398c5d4829e8a7929c7db98abc Mon Sep 17 00:00:00 2001
From: Taylor Otwell <taylorotwell@gmail.com>
Date: Thu, 21 Jul 2011 23:54:25 -0500
Subject: [PATCH] added http_only option to cookie::put method.

---
 system/cookie.php | 32 +++++++++++++++++---------------
 1 file changed, 17 insertions(+), 15 deletions(-)

diff --git a/system/cookie.php b/system/cookie.php
index 77d6ccc9..97cffd2d 100644
--- a/system/cookie.php
+++ b/system/cookie.php
@@ -28,38 +28,40 @@ public static function get($name, $default = null)
 	/**
 	 * Set a "permanent" cookie. The cookie will last 5 years.
 	 *
-	 * @param  string   $name
-	 * @param  string   $value
-	 * @param  string   $path
-	 * @param  string   $domain
-	 * @param  bool     $secure
+	 * @param  string  $name
+	 * @param  string  $value
+	 * @param  string  $path
+	 * @param  string  $domain
+	 * @param  bool    $secure
+	 * @param  bool    $http_only
 	 * @return bool
 	 */
-	public static function forever($name, $value, $path = '/', $domain = null, $secure = false)
+	public static function forever($name, $value, $path = '/', $domain = null, $secure = false, $http_only = false)
 	{
-		return static::put($name, $value, 2628000, $path, $domain, $secure);
+		return static::put($name, $value, 2628000, $path, $domain, $secure, $http_only);
 	}
 
 	/**
 	 * Set the value of a cookie. If a negative number of minutes is
 	 * specified, the cookie will be deleted.
 	 *
-	 * @param  string   $name
-	 * @param  string   $value
-	 * @param  int      $minutes
-	 * @param  string   $path
-	 * @param  string   $domain
-	 * @param  bool     $secure
+	 * @param  string  $name
+	 * @param  string  $value
+	 * @param  int     $minutes
+	 * @param  string  $path
+	 * @param  string  $domain
+	 * @param  bool    $secure
+	 * @param  bool    $http_only
 	 * @return bool
 	 */
-	public static function put($name, $value, $minutes = 0, $path = '/', $domain = null, $secure = false)
+	public static function put($name, $value, $minutes = 0, $path = '/', $domain = null, $secure = false, $http_only = false)
 	{
 		if ($minutes < 0)
 		{
 			unset($_COOKIE[$name]);
 		}
 
-		return setcookie($name, $value, ($minutes != 0) ? time() + ($minutes * 60) : 0, $path, $domain, $secure);
+		return setcookie($name, $value, ($minutes != 0) ? time() + ($minutes * 60) : 0, $path, $domain, $secure, $http_only);
 	}
 
 	/**