return str_pad( $result, $pad, '0', STR_PAD_LEFT );
}
-/**
- * @return bool
- */
-function wfHttpOnlySafe() {
- global $wgHttpOnlyBlacklist;
-
- if ( isset( $_SERVER['HTTP_USER_AGENT'] ) ) {
- foreach ( $wgHttpOnlyBlacklist as $regex ) {
- if ( preg_match( $regex, $_SERVER['HTTP_USER_AGENT'] ) ) {
- return false;
- }
- }
- }
-
- return true;
-}
-
/**
* Check if there is sufficient entropy in php's built-in session generation
* @return bool true = there is sufficient entropy
# hasn't already been set to the desired value (that causes errors)
ini_set( 'session.save_handler', $wgSessionHandler );
}
- $httpOnlySafe = wfHttpOnlySafe() && $wgCookieHttpOnly;
wfDebugLog( 'cookie',
'session_set_cookie_params: "' . implode( '", "',
array(
$wgCookiePath,
$wgCookieDomain,
$wgCookieSecure,
- $httpOnlySafe ) ) . '"' );
- session_set_cookie_params( 0, $wgCookiePath, $wgCookieDomain, $wgCookieSecure, $httpOnlySafe );
+ $wgCookieHttpOnly ) ) . '"' );
+ session_set_cookie_params(
+ 0, $wgCookiePath, $wgCookieDomain, $wgCookieSecure, $wgCookieHttpOnly );
session_cache_limiter( 'private, must-revalidate' );
if ( $sessionId ) {
session_id( $sessionId );