Rt3: secure cookie patch

Pavel_Ruzicka · June 24, 2005, 12:22pm

Hi, this patch adds ability to use Secure Cookie for https only
installations, depended on variable in RT_SiteConfig.pm (default value
in RT_Config.pm should be 0). Is there any reason why this is not
already in RT3 ? I did few tests and didnt find any issue related to
this adjustment.

patch against RT3.2.2 installation:

— share/html/Elements/SetupSessionCookie Thu Jul 29 02:08:11 2004
+++ local/html/Elements/SetupSessionCookie Fri Jun 24 13:49:55 2005
@@ -94,7 +94,8 @@
my $cookie = new CGI::Cookie(
-name => $cookiename,
-value => $session{_session_id},

```
       -path  => '/',
```

```
       -path  => $RT::WebPath,
```

       -secure => $RT::UseSecureCookie
   );
   $r->headers_out->{'Set-Cookie'} = $cookie->as_string;

and define in RT_SiteConfig.pm:

if you have https instalation only set to 1, otherwise 0

Set($UseSecureCookie, ‘1’);

Pavel Ruzicka, ICZ

Jesse_Vincent · September 8, 2006, 6:20pm

Hi, this patch adds ability to use Secure Cookie for https only
installations, depended on variable in RT_SiteConfig.pm (default value
in RT_Config.pm should be 0). Is there any reason why this is not
already in RT3 ? I did few tests and didnt find any issue related to
this adjustment.

Thanks. Applied.

Jesse

PGP.sig (186 Bytes)