1.6 dev behavior.
* Add 'GetInternalURL' hook to match the GetFullURL and GetLocalURL ones
* (bug 4389) Fix math options on zh-hk and zh-tw (but not localized)
+* Remove unused OutputPage::addCookie()
+* Set cookies to secure mode based on use of HTTPS or $wgCookieSecure
=== Caveats ===
$wgServer .= ":" . $_SERVER['SERVER_PORT'];
}
-unset($wgProto);
/**
*/
$wgCookieDomain = '';
$wgCookiePath = '/';
+$wgCookieSecure = ($wgProto == 'https');
$wgDisableCookieCheck = false;
/** Whether to allow inline image pointing to other websites */
* @package MediaWiki
*/
class OutputPage {
- var $mHeaders, $mCookies, $mMetatags, $mKeywords;
+ var $mHeaders, $mMetatags, $mKeywords;
var $mLinktags, $mPagetitle, $mBodytext, $mDebugtext;
var $mHTMLtitle, $mRobotpolicy, $mIsarticle, $mPrintable;
var $mSubtitle, $mRedirect, $mStatusCode;
* Initialise private variables
*/
function OutputPage() {
- $this->mHeaders = $this->mCookies = $this->mMetatags =
+ $this->mHeaders = $this->mMetatags =
$this->mKeywords = $this->mLinktags = array();
$this->mHTMLtitle = $this->mPagetitle = $this->mBodytext =
$this->mRedirect = $this->mLastModified =
}
function addHeader( $name, $val ) { array_push( $this->mHeaders, $name.': '.$val ) ; }
- function addCookie( $name, $val ) { array_push( $this->mCookies, array( $name, $val ) ); }
function redirect( $url, $responsecode = '302' ) { $this->mRedirect = $url; $this->mRedirectCode = $responsecode; }
function setStatusCode( $statusCode ) { $this->mStatusCode = $statusCode; }
* the object, let's actually output it:
*/
function output() {
- global $wgUser, $wgCookieExpiration, $wgOutputEncoding;
+ global $wgUser, $wgOutputEncoding;
global $wgContLanguageCode, $wgDebugRedirects, $wgMimeType, $wgProfiler;
if( $this->mDoNothing ){
header( "Content-type: $wgMimeType; charset={$wgOutputEncoding}" );
header( 'Content-language: '.$wgContLanguageCode );
- $exp = time() + $wgCookieExpiration;
- foreach( $this->mCookies as $name => $val ) {
- setcookie( $name, $val, $exp, '/' );
- }
-
if ($this->mArticleBodyOnly) {
$this->out($this->mBodytext);
} else {
* @access private
*/
function mailPasswordInternal( $u ) {
- global $wgDBname, $wgCookiePath, $wgCookieDomain;
+ global $wgDBname, $wgCookiePath, $wgCookieDomain, $wgCookieSecure;
if ( '' == $u->getEmail() ) {
return wfMsg( 'noemail', $u->getName() );
$np = $u->randomPassword();
$u->setNewpassword( $np );
- setcookie( "{$wgDBname}Token", '', time() - 3600, $wgCookiePath, $wgCookieDomain );
+ setcookie( "{$wgDBname}Token", '', time() - 3600, $wgCookiePath, $wgCookieDomain, $wgCookieSecure );
$u->saveSettings();
wfRunHooks('UserLogoutComplete', array(&$wgUser));
- $wgOut->mCookies = array();
$wgOut->setRobotpolicy( 'noindex,nofollow' );
$wgOut->addHTML( wfMsg( 'logouttext' ) );
$wgOut->returnToMain();
}
function setCookies() {
- global $wgCookieExpiration, $wgCookiePath, $wgCookieDomain, $wgDBname;
+ global $wgCookieExpiration, $wgCookiePath, $wgCookieDomain, $wgCookieSecure, $wgDBname;
if ( 0 == $this->mId ) return;
$this->loadFromDatabase();
$exp = time() + $wgCookieExpiration;
$_SESSION['wsUserID'] = $this->mId;
- setcookie( $wgDBname.'UserID', $this->mId, $exp, $wgCookiePath, $wgCookieDomain );
+ setcookie( $wgDBname.'UserID', $this->mId, $exp, $wgCookiePath, $wgCookieDomain, $wgCookieSecure );
$_SESSION['wsUserName'] = $this->getName();
- setcookie( $wgDBname.'UserName', $this->getName(), $exp, $wgCookiePath, $wgCookieDomain );
+ setcookie( $wgDBname.'UserName', $this->getName(), $exp, $wgCookiePath, $wgCookieDomain, $wgCookieSecure );
$_SESSION['wsToken'] = $this->mToken;
if ( 1 == $this->getOption( 'rememberpassword' ) ) {
- setcookie( $wgDBname.'Token', $this->mToken, $exp, $wgCookiePath, $wgCookieDomain );
+ setcookie( $wgDBname.'Token', $this->mToken, $exp, $wgCookiePath, $wgCookieDomain, $wgCookieSecure );
} else {
setcookie( $wgDBname.'Token', '', time() - 3600 );
}
* It will clean the session cookie
*/
function logout() {
- global $wgCookiePath, $wgCookieDomain, $wgDBname;
+ global $wgCookiePath, $wgCookieDomain, $wgCookieSecure, $wgDBname;
$this->loadDefaults();
$this->setLoaded( true );
$_SESSION['wsUserID'] = 0;
- setcookie( $wgDBname.'UserID', '', time() - 3600, $wgCookiePath, $wgCookieDomain );
- setcookie( $wgDBname.'Token', '', time() - 3600, $wgCookiePath, $wgCookieDomain );
+ setcookie( $wgDBname.'UserID', '', time() - 3600, $wgCookiePath, $wgCookieDomain, $wgCookieSecure );
+ setcookie( $wgDBname.'Token', '', time() - 3600, $wgCookiePath, $wgCookieDomain, $wgCookieSecure );
# Remember when user logged out, to prevent seeing cached pages
- setcookie( $wgDBname.'LoggedOut', wfTimestampNow(), time() + 86400, $wgCookiePath, $wgCookieDomain );
+ setcookie( $wgDBname.'LoggedOut', wfTimestampNow(), time() + 86400, $wgCookiePath, $wgCookieDomain, $wgCookieSecure );
}
/**