Refine secure cookie flag

_use_ssl 대신 site_module_info 를 직접 참조하도록 수정. 함수 이름을 조금 더 자연스럽게 수정.
2026-01-06 18:21:39 +09:00 · 2018-04-28 11:25:15 +09:00 · 2018-04-28 11:25:15 +09:00 · f8edfacde2
commit f8edfacde2
parent da95eed96e
5 changed files with 11 additions and 10 deletions
--- a/classes/context/Context.class.php
+++ b/classes/context/Context.class.php
@ -300,7 +300,7 @@ class Context
 		{
 			if($_COOKIE['lang_type'] !== $lang_type)
 			{
-				setcookie('lang_type', $lang_type, time() + 86400 * 365, '/', null, self::checkSslEnforce());
+				setcookie('lang_type', $lang_type, time() + 86400 * 365, '/', null, self::isAlwaysSSL());
 			}
 		}
 		elseif($_COOKIE['lang_type'])
@ -316,7 +316,7 @@ class Context
 					if(!strncasecmp($lang_code, $_SERVER['HTTP_ACCEPT_LANGUAGE'], strlen($lang_code)))
 					{
 						$lang_type = $lang_code;
-						setcookie('lang_type', $lang_type, time() + 86400 * 365, '/', null, self::checkSslEnforce());
+						setcookie('lang_type', $lang_type, time() + 86400 * 365, '/', null, self::isAlwaysSSL());
 					}
 				}
 			}
@ -621,14 +621,15 @@ class Context
 	/**
 	 * Return ssl status
 	 *
+	 * @param boolen $purge_cache Set true to get uncached SSL_enforce value.
 	 * @return boolean (true|false)
 	 */
-	public static function checkSslEnforce()
+	public static function isAlwaysSSL($purge_cache = false)
 	{
 		static $ssl_only = null;
-		if(is_null($ssl_only))
+		if(is_null($ssl_only) || $purge_cache === true)
 		{
-			$ssl_only = (self::get('_use_ssl') === 'always' ? true : false);
+			$ssl_only = (self::get('site_module_info')->security === 'always' ? true : false);
 		}
 		return $ssl_only;
 	}
@ -1785,7 +1786,7 @@ class Context
 			return;
 		}

-		if(self::checkSslEnforce())
+		if(self::isAlwaysSSL())
 		{
 			$ssl_mode = ENFORCE_SSL;
 		}
--- a/classes/mobile/Mobile.class.php
+++ b/classes/mobile/Mobile.class.php
@ -73,7 +73,7 @@ class Mobile
 		$uatype = $uahash . ':' . (self::$_ismobile ? '1' : '0');
 		if ($cookie !== $uatype)
 		{
-			setcookie('rx_uatype', $uatype, 0, null, null, Context::checkSslEnforce());
+			setcookie('rx_uatype', $uatype, 0, null, null, Context::isAlwaysSSL());
 			$_COOKIE['rx_uatype'] = $uatype;
 		}
 		
--- a/common/framework/session.php
+++ b/common/framework/session.php
@ -295,7 +295,7 @@ class Session
 		if(!$is_default_domain && !\Context::get('sso_response') && $_COOKIE['sso'] !== md5($current_domain))
 		{
 			// Set sso cookie to prevent multiple simultaneous SSO validation requests.
-			setcookie('sso', md5($current_domain), 0, '/', null, Context::checkSslEnforce());
+			setcookie('sso', md5($current_domain), 0, '/', null, \Context::isAlwaysSSL());
 			
 			// Redirect to the default site.
 			$sso_request = Security::encrypt($current_url);
--- a/common/tpl/common_layout.html
+++ b/common/tpl/common_layout.html
@ -55,7 +55,7 @@
 	var current_mid = {json_encode($mid ?: null)};
 	var http_port = {Context::get("_http_port") ?: 'null'};
 	var https_port = {Context::get("_https_port") ?: 'null'};
-	var enforce_ssl = {Context::checkSslEnforce() ? 'true' : 'false'};
+	var enforce_ssl = {Context::isAlwaysSSL() ? 'true' : 'false'};
 	var ssl_actions = {json_encode(array_keys(Context::getSSLActions()))};
 	var xeVid = null;
 </script>
--- a/modules/member/member.view.php
+++ b/modules/member/member.view.php
@ -192,7 +192,7 @@ class memberView extends member
 	function dispMemberSignUpForm()
 	{
 		//setcookie for redirect url in case of going to member sign up
-		setcookie("XE_REDIRECT_URL", $_SERVER['HTTP_REFERER'], 0, '/', null, Context::checkSslEnforce());
+		setcookie("XE_REDIRECT_URL", $_SERVER['HTTP_REFERER'], 0, '/', null, Context::isAlwaysSSL());

 		$member_config = $this->member_config;