785e168f5e
Check application.ssl when setting a secure cookie
...
Most SLL-related code in Laravel checks to see if `application.ssl`
is true before doing an action requiring it. `Cookie::put()` is the
only exception that I've found, to date, that doesn't test for SSL.
This checks to see that the SSL is enabled when attempting to set a
secure cookie.
To verify, set `application.ssl` to false (without this patch) then
run:
Cookie::put('foo', 'bar', 0, '/', null, true);
You will get an exception because of line 90 in `cookie.php`:
if ($secure and ! Request::secure())
{
throw new \Exception("Attempting to set secure cookie over HTTP.");
}
With this patch you will not get this error unless both `application.ssl`
is true, and the cookie `$secure` flag is set.
2013-04-03 12:13:21 -03:00
912f4e5e72
Fix forever length.
2013-01-05 14:01:42 -06:00
4eac00a009
Use hash_hmac on cookie hashes.
2012-09-25 16:43:58 -04:00
ad313198df
working on cookie fingerprinting.
2012-09-25 08:40:48 -05:00
30175c2a52
fixing merge issues for comment tweaks
2012-07-31 16:55:02 +01:00
2c6ed23b45
fixing merge issues
2012-07-27 13:52:15 +01:00
8a34aa5077
Fixed typos
2012-07-27 11:29:59 +00:00
0ea30993d4
Fixed various typos throughout laravel folder.
...
Signed-off-by: Josh Miller <josh@joshmmiller.com>
2012-07-21 20:18:55 -04:00
fafaf724b0
Grammar/Vocabulary fixes
...
Signed-off-by: Chris Berthe <chrisberthe@gmail.com>
2012-06-13 11:19:20 -04:00
69d9257a50
Return value of cookie.
2012-05-29 17:00:23 -05:00
5097e9053b
Remove obsolete class import in cookie.php.
2012-05-11 12:28:52 +03:00
5637a29fa3
Add Cookie::forever constant, fixes #660
...
Signed-off-by: Colin Viebrock <colin@viebrock.ca>
2012-05-10 16:32:07 -05:00
232bf01ae2
fix secure cookie issue.
2012-04-04 10:28:06 -05:00
730808fb02
converting cookies to use http foundation.
2012-03-28 22:43:58 -05:00
97cb0035f4
clarify cookie comment.
2012-02-24 10:31:43 -06:00
c9bb800ee9
cleaning up the cookie class.
2012-02-24 10:29:20 -06:00
160e839e81
cleaning up classes.
2012-02-23 16:18:08 -06:00
49d9666958
final code cleanup
2012-02-16 13:59:48 -06:00
aed1443bf1
cleaning up the cookie class.
2012-02-12 16:15:17 -06:00
62072e5281
PHPDoc fixes
2012-02-04 21:30:52 +00:00
ded215d0e3
change cookie::sign to public.
2012-02-01 11:42:37 -06:00
2504f8693f
fix cookie bug.
2012-02-01 11:02:12 -06:00
2b12c0c140
modified cookie class. set application key on first request if not set.
2012-01-31 15:58:00 -06:00
4cf7f0c627
added cookie jar that holds cookies until end of request.
2012-01-31 15:19:23 -06:00
97fcea1e51
cleaned up paths.
2012-01-28 14:55:08 -06:00
f44c565ee4
converted path constants to $GLOBALS.
2012-01-27 16:17:43 -06:00
071d8ab069
move cookie payload check into cookie class.
2012-01-25 09:44:38 -06:00
bfc04e283b
set value in cookie array when cooke is set.
2012-01-18 11:51:42 -06:00
b5442c67fc
merged skunkworks into develop.
2012-01-16 13:59:24 -06:00
264cc51294
fixed bug in auth cookie removal.
2012-01-05 11:52:42 -06:00
193396506e
Fix bug in cookie class.
2011-11-18 10:58:40 -06:00
374f72f5e5
Provide immediate access to set cookies.
2011-11-18 10:43:37 -06:00
58638216e8
Throw better Exceptions
2011-11-15 12:35:04 +00:00
d1a969bd29
added uri class. refactored.
2011-11-14 21:18:18 -06:00
2758b4c16d
some small refactoring and bug fixing.
2011-11-13 15:23:48 -06:00
88c8cf6c10
refactoring.
2011-11-01 20:35:02 -05:00
6810b99d38
change cookie forget time to be 25 hours in the past to cover strange timezone issues.
2011-11-01 20:04:00 -05:00
58190c2db2
tweaking a comment.
2011-10-29 23:27:49 -05:00
b71ecb4363
removed packages directory. refactoring.
2011-10-21 21:49:33 -05:00
a7e98e8e9a
fixing bugs and refactoring.
2011-10-15 22:38:43 -05:00
76a5bc483a
refactoring various classes.
2011-10-15 14:39:52 -05:00
6cb79e6676
refactoring
2011-10-10 21:34:15 -05:00
17385697c0
continuing to work on the remember me authentication.
2011-10-09 23:20:54 -05:00
71b0ab8b8d
refactoring container for speed.
2011-10-05 18:32:48 -05:00
5cc7c3a6bd
refactoring.
2011-09-28 21:59:54 -05:00
766fa9831a
tweaking code and adding comments.
2011-09-21 22:45:50 -05:00
0c4018ec88
refactoring.
2011-09-21 21:46:16 -05:00
600e411ad4
more refactoring on DI and IoC.
2011-09-20 23:36:13 -05:00
4525eae25a
revert back to more sensible architecture.
2011-09-20 23:14:09 -05:00
32391b7f32
refactoring various classes.
2011-09-16 20:30:22 -05:00
Robert K
Taylor Otwell
Dayle Rees
Pascal Borreli
Josh Miller
Chris Berthe
Franz Liedke
Colin Viebrock
Phill Sparks