Revert "Improve cookie secure setting values"

This reverts commit 73da2af393.
2026-01-03 16:51:40 +09:00 · 2018-04-23 00:43:24 +09:00 · 2018-04-23 00:43:24 +09:00 · 591e9cb270
commit 591e9cb270
parent cfca05c897
6 changed files with 7 additions and 12 deletions
--- a/classes/context/Context.class.php
+++ b/classes/context/Context.class.php
@ -300,7 +300,7 @@ class Context
 		{
 			if($_COOKIE['lang_type'] !== $lang_type)
 			{
-				setcookie('lang_type', $lang_type, time() + 86400, '/', null, RX_SSL, true);
+				setcookie('lang_type', $lang_type, $_SERVER['REQUEST_TIME'] + 3600 * 24 * 1000, '/');
 			}
 		}
 		elseif($_COOKIE['lang_type'])
@ -316,7 +316,7 @@ class Context
 					if(!strncasecmp($lang_code, $_SERVER['HTTP_ACCEPT_LANGUAGE'], strlen($lang_code)))
 					{
 						$lang_type = $lang_code;
-						setcookie('lang_type', $lang_type, time() + 86400, '/', null, RX_SSL, true);
+						setcookie('lang_type', $lang_type, $_SERVER['REQUEST_TIME'] + 3600 * 24 * 1000, '/');
 					}
 				}
 			}
--- a/classes/mobile/Mobile.class.php
+++ b/classes/mobile/Mobile.class.php
@ -73,7 +73,7 @@ class Mobile
 		$uatype = $uahash . ':' . (self::$_ismobile ? '1' : '0');
 		if ($cookie !== $uatype)
 		{
-			setcookie('rx_uatype', $uatype, 0, null, null, RX_SSL, true);
+			setcookie('rx_uatype', $uatype, 0);
 			$_COOKIE['rx_uatype'] = $uatype;
 		}
 		
--- a/common/framework/session.php
+++ b/common/framework/session.php
@ -294,10 +294,8 @@ class Session
 		// Step 1: if the current site is not the default site, send SSO validation request to the default site.
 		if(!$is_default_domain && !\Context::get('sso_response') && $_COOKIE['sso'] !== md5($current_domain))
 		{
-			$ssl_only = (\RX_SSL && config('session.use_ssl')) ? true : false;
-			
 			// Set sso cookie to prevent multiple simultaneous SSO validation requests.
-			setcookie('sso', md5($current_domain), 0, '/', null, null, $ssl_only, true);
+			setcookie('sso', md5($current_domain), 0, '/');
 			
 			// Redirect to the default site.
 			$sso_request = Security::encrypt($current_url);
--- a/common/js/common.js
+++ b/common/js/common.js
@ -1055,8 +1055,7 @@ function getOuterHTML(obj) {
 function setCookie(name, value, expire, path) {
 	var s_cookie = name + "=" + escape(value) +
 		((!expire) ? "" : ("; expires=" + expire.toGMTString())) +
-		"; path=" + ((!path) ? "/" : path) +
-		((enforce_ssl) ? ";secure" : "");
+		"; path=" + ((!path) ? "/" : path);

 	document.cookie = s_cookie;
 }
--- a/modules/member/member.view.php
+++ b/modules/member/member.view.php
@ -191,10 +191,8 @@ class memberView extends member
 	 */
 	function dispMemberSignUpForm()
 	{
-		$ssl_only = (\RX_SSL && config('session.use_ssl')) ? true : false;
-
 		//setcookie for redirect url in case of going to member sign up
-		setcookie("XE_REDIRECT_URL", $_SERVER['HTTP_REFERER'], 0, null, null, $ssl_only, true);
+		setcookie("XE_REDIRECT_URL", $_SERVER['HTTP_REFERER']);

 		$member_config = $this->member_config;

--- a/widgets/login_info/skins/ncenter_login/js/ncenter.js
+++ b/widgets/login_info/skins/ncenter_login/js/ncenter.js
@ -8,7 +8,7 @@
 				dt.setTime(dt.getTime() + (d * 24 * 60 * 60000));
 				e = "; expires=" + dt.toGMTString();
 			}
-			document.cookie = n + "=" + v + e + "; path=/" + ((enforce_ssl) ? ";secure" : "");
+			document.cookie = n + "=" + v + e + "; path=/";
 		}

 		var n = $('#nc_container');