Skip to content

S
syncEnrollments
Commit 3e00ce2e authored by Taylor Otwell's avatar Taylor Otwell
Browse files
Options

fix bug regarding SSL cookies.

parent bf886f32
Hide whitespace changes
Inline Side-by-side
Showing with 23 additions and 3 deletions
artisan
View file @ 3e00ce2e
...@@ -3,7 +3,7 @@ ...@@ -3,7 +3,7 @@
* Laravel - A PHP Framework For Web Artisans * Laravel - A PHP Framework For Web Artisans
* *
* @package Laravel * @package Laravel
* @version 3.1.4 * @version 3.1.5
* @author Taylor Otwell <taylorotwell@gmail.com> * @author Taylor Otwell <taylorotwell@gmail.com>
* @link http://laravel.com * @link http://laravel.com
*/ */
......
changes.md
View file @ 3e00ce2e
...@@ -2,6 +2,8 @@ ...@@ -2,6 +2,8 @@
## Contents ## Contents
- [Laravel 3.1.5](#3.1.5)
- [Upgrading From 3.1.4](#upgrade-3.1.5)
- [Laravel 3.1.4](#3.1.4) - [Laravel 3.1.4](#3.1.4)
- [Upgrading From 3.1.3](#upgrade-3.1.4) - [Upgrading From 3.1.3](#upgrade-3.1.4)
- [Laravel 3.1.3](#3.1.3) - [Laravel 3.1.3](#3.1.3)
...@@ -13,6 +15,16 @@ ...@@ -13,6 +15,16 @@
- [Laravel 3.1](#3.1) - [Laravel 3.1](#3.1)
- [Upgrading From 3.0](#upgrade-3.1) - [Upgrading From 3.0](#upgrade-3.1)
<a name="3.1.5"></a>
## Laravel 3.1.5
- Fixes bug that could allow secure cookies to be sent over HTTP.
<a name="upgrade-3.1.5"></a>
## Upgrading From 3.1.4
- Replace the **laravel** folder.
<a name="3.1.4"></a> <a name="3.1.4"></a>
## Laravel 3.1.4 ## Laravel 3.1.4
......
laravel/cookie.php
View file @ 3e00ce2e
...@@ -63,6 +63,14 @@ class Cookie { ...@@ -63,6 +63,14 @@ class Cookie {
} }
else else
{ {
// We don't want to send secure cookies over HTTP unless the developer has
// turned off the "SSL" application configuration option, which is used
// while developing the application but should be true in production.
if ($secure and ! Request::secure() and Config::get('application.ssl'))
{
return;
}
setcookie($name, $value, $time, $path, $domain, $secure); setcookie($name, $value, $time, $path, $domain, $secure);
} }
} }
......
paths.php
View file @ 3e00ce2e
...@@ -3,7 +3,7 @@ ...@@ -3,7 +3,7 @@
* Laravel - A PHP Framework For Web Artisans * Laravel - A PHP Framework For Web Artisans
* *
* @package Laravel * @package Laravel
* @version 3.1.4 * @version 3.1.5
* @author Taylor Otwell <taylorotwell@gmail.com> * @author Taylor Otwell <taylorotwell@gmail.com>
* @link http://laravel.com * @link http://laravel.com
*/ */
......
public/index.php
View file @ 3e00ce2e
...@@ -3,7 +3,7 @@ ...@@ -3,7 +3,7 @@
* Laravel - A PHP Framework For Web Artisans * Laravel - A PHP Framework For Web Artisans
* *
* @package Laravel * @package Laravel
* @version 3.1.4 * @version 3.1.5
* @author Taylor Otwell <taylorotwell@gmail.com> * @author Taylor Otwell <taylorotwell@gmail.com>
* @link http://laravel.com * @link http://laravel.com
*/ */
......
Markdown is supported
0% or
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment