Changeset 633 for branches/1.1dev
- Timestamp:
- Aug 9, 2018 10:21:49 PM (6 years ago)
- Location:
- branches/1.1dev
- Files:
-
- 2 edited
Legend:
- Unmodified
- Added
- Removed
-
branches/1.1dev/config/defaults.inc.php
r570 r633 68 68 // Use php sessions? 69 69 setDefault($CFG->enable_session, true); 70 71 // Pass the session-id through URLs if cookies are not enabled? 72 // Disable this to prevent session ID theft. 73 setDefault($CFG->session_use_trans_sid, false); 70 74 71 75 // Use mysql-based sessions? -
branches/1.1dev/lib/App.inc.php
r608 r633 546 546 // - sessions are enabled 547 547 // - the link stays on our site 548 // - transparent SID prop ogation with session.use_trans_sid is not being used OR url begins with protocol (using_trans_sid has no effect here)548 // - transparent SID propagation with session.use_trans_sid is not being used OR url begins with protocol (using_trans_sid has no effect here) 549 549 // OR 550 550 // - we must include the SID because we say so (it's used in a context where cookies will not be effective, ie. moving from http to https) … … 558 558 || !$CFG->session_use_cookies 559 559 ) 560 && $CFG->session_use_trans_sid 560 561 && $CFG->enable_session 561 562 && isMyDomain($url)
Note: See TracChangeset
for help on using the changeset viewer.