HttpOnly flag for session cookie to prevent possible XSS - thx @melbinkm
azett committed Oct 1, 2022
1 parent 9df2017 commit 34fb2f3
Showing 5 changed files with 28 additions and 25 deletions.
1 change: 1 addition & 0 deletions defaults.php
Expand Up @@ -121,6 +121,7 @@
$serverport = "false";
// Unterstützung für Apache und IIS
ini_set('session.cookie_secure', 1);
ini_set('session.cookie_httponly', 1);
if (isset($_SERVER ['HTTPS']) && ($_SERVER ['HTTPS'] == '1' || strtolower($_SERVER ['HTTPS']) == 'on')) {
$serverport = "https://";
} else {
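Review bot: The new `ini_set('session.cookie_httponly', 1);` below the `session.cookie_secure` line only takes effect if this file is executed before `session_start()` (sess_setup in core.session.php is where that call lives); the include order is not visible here and should be confirmed. This is also the place for a SameSite attribute, because HttpOnly does not stop the session cookie being attached to cross-site requests: `ini_set('session.cookie_samesite', 'Lax');` (PHP 7.3+). A short comment above the ini_set lines, such as `// session cookie flags; must run before session_start()`, would make that dependency explicit. Separately, `session.cookie_secure` is forced on unconditionally just above while the HTTPS detection only follows it; that predates this commit, but on a plain-HTTP install the session cookie will never be sent at all.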
18 changes: 10 additions & 8 deletions fp-includes/core/core.cookie.php
Expand Up @@ -23,6 +23,8 @@ function cookie_setup() {
define('COOKIE_DOMAIN', false);
if (!defined('COOKIE_SECURE'))
define('COOKIE_SECURE', true);
if (!defined('COOKIE_HTTPONLY'))
define('COOKIE_HTTPONLY', true);
}

if (!function_exists('wp_get_cookie_login')) :
Expand Down Expand Up @@ -62,20 +64,20 @@ function cookie_set($username, $password, $already_md5 = false, $home = '', $sit
else
$expire = 0;

setcookie(USER_COOKIE, $username, $expire, $cookiepath, COOKIE_DOMAIN, COOKIE_SECURE);
setcookie(PASS_COOKIE, $password, $expire, $cookiepath, COOKIE_DOMAIN, COOKIE_SECURE);
setcookie(USER_COOKIE, $username, $expire, $cookiepath, COOKIE_DOMAIN, COOKIE_SECURE, COOKIE_HTTPONLY);
setcookie(PASS_COOKIE, $password, $expire, $cookiepath, COOKIE_DOMAIN, COOKIE_SECURE, COOKIE_HTTPONLY);

if ($cookiepath != $sitecookiepath) {
setcookie(USER_COOKIE, $username, $expire, $sitecookiepath, COOKIE_DOMAIN, COOKIE_SECURE);
setcookie(PASS_COOKIE, $password, $expire, $sitecookiepath, COOKIE_DOMAIN, COOKIE_SECURE);
setcookie(USER_COOKIE, $username, $expire, $sitecookiepath, COOKIE_DOMAIN, COOKIE_SECURE, COOKIE_HTTPONLY);
setcookie(PASS_COOKIE, $password, $expire, $sitecookiepath, COOKIE_DOMAIN, COOKIE_SECURE, COOKIE_HTTPONLY);
}
}

function cookie_clear() {
setcookie(USER_COOKIE, ' ', time() - 31536000, COOKIEPATH, COOKIE_DOMAIN, COOKIE_SECURE);
setcookie(PASS_COOKIE, ' ', time() - 31536000, COOKIEPATH, COOKIE_DOMAIN, COOKIE_SECURE);
setcookie(USER_COOKIE, ' ', time() - 31536000, SITECOOKIEPATH, COOKIE_DOMAIN, COOKIE_SECURE);
setcookie(PASS_COOKIE, ' ', time() - 31536000, SITECOOKIEPATH, COOKIE_DOMAIN, COOKIE_SECURE);
setcookie(USER_COOKIE, ' ', time() - 31536000, COOKIEPATH, COOKIE_DOMAIN, COOKIE_SECURE, COOKIE_HTTPONLY);
setcookie(PASS_COOKIE, ' ', time() - 31536000, COOKIEPATH, COOKIE_DOMAIN, COOKIE_SECURE, COOKIE_HTTPONLY);
setcookie(USER_COOKIE, ' ', time() - 31536000, SITECOOKIEPATH, COOKIE_DOMAIN, COOKIE_SECURE, COOKIE_HTTPONLY);
setcookie(PASS_COOKIE, ' ', time() - 31536000, SITECOOKIEPATH, COOKIE_DOMAIN, COOKIE_SECURE, COOKIE_HTTPONLY);
}

if (!function_exists('wp_login')) :
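Review bot: `COOKIE_HTTPONLY` is introduced in cookie_setup with the same `if (!defined(...))` guard as `COOKIE_SECURE`, but nothing says that the guard exists so a config file can pre-define it; a one-line comment such as `// HttpOnly for the login cookies; a config may define COOKIE_HTTPONLY as false to opt out` above the guard would make the override path deliberate rather than accidental. In cookie_set and cookie_clear the `COOKIE_DOMAIN, COOKIE_SECURE, COOKIE_HTTPONLY` triple is now repeated positionally in eight setcookie calls; a small wrapper taking name, value, expiry and path that appends those flags itself would keep the list in one place and, on PHP 7.3+, could use setcookie's options-array form to add a `samesite` attribute as well. cookie_set's signature and the start of its body lie outside the hunk.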
4 changes: 2 additions & 2 deletions fp-includes/core/core.session.php
Expand Up @@ -5,7 +5,7 @@ function sess_setup() {
session_save_path(SESSION_PATH);

session_name(SESS_COOKIE);
setcookie(SESS_COOKIE, '', 0, '', COOKIE_DOMAIN, COOKIE_SECURE);
setcookie(SESS_COOKIE, '', 0, '', COOKIE_DOMAIN, COOKIE_SECURE, COOKIE_HTTPONLY);

session_start();
}
Expand All @@ -32,7 +32,7 @@ function sess_get($key) {
function sess_close() {
unset($_SESSION);
if (isset($_COOKIE [session_name()])) {
setcookie(session_name(), '', time() - 42000, '/', COOKIE_SECURE);
setcookie(session_name(), '', time() - 42000, '/', COOKIE_SECURE, COOKIE_HTTPONLY);
session_set_cookie_params(-42000);
}
session_destroy();
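Review bot: In sess_close the positional arguments are shifted by one: setcookie's fifth parameter is the domain and the sixth is `secure`, so `setcookie(session_name(), '', time() - 42000, '/', COOKIE_SECURE, COOKIE_HTTPONLY)` passes COOKIE_SECURE as the domain, COOKIE_HTTPONLY as `secure`, and leaves httponly at its default of false; the removed line already had the domain slot wrong and the new line carries the mistake forward. With a domain of `true` (coerced to `"1"` without strict types) the expiring cookie does not match the session cookie the browser holds, so the client-side clear is ineffective, although session_destroy still invalidates the server side. The corrected line is `setcookie(session_name(), '', time() - 42000, '/', COOKIE_DOMAIN, COOKIE_SECURE, COOKIE_HTTPONLY);`. The same shifted argument list appears in all eight setcookie calls of wp_setcookie and wp_clearcookie in fp-includes/core/core.wp-pluggable-funcs.php, where the path argument is followed directly by COOKIE_SECURE, so those cookies are likewise sent with the wrong domain and without HttpOnly and need `COOKIE_DOMAIN` inserted before `COOKIE_SECURE`. In sess_setup, the empty-valued `setcookie(SESS_COOKIE, ...)` issued before `session_start()` does not govern the flags of the session-id cookie that session_start() itself emits; those come from the session.cookie_* ini settings or session_set_cookie_params, so the HttpOnly protection of the session id rests on the ini_set in defaults.php rather than on this line.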
8 changes: 4 additions & 4 deletions fp-includes/core/core.users.php
Expand Up @@ -64,8 +64,8 @@ function user_login($userid, $pwd, $params = null) {
if ($loggedin) {
// session_regenerate_id();
$expire = time() + 31536000;
setcookie(USER_COOKIE, $userid, $expire, COOKIEPATH, COOKIE_DOMAIN, COOKIE_SECURE);
setcookie(PASS_COOKIE, $user ['password'], $expire, COOKIEPATH, COOKIE_DOMAIN, COOKIE_SECURE);
setcookie(USER_COOKIE, $userid, $expire, COOKIEPATH, COOKIE_DOMAIN, COOKIE_SECURE, COOKIE_HTTPONLY);
setcookie(PASS_COOKIE, $user ['password'], $expire, COOKIEPATH, COOKIE_DOMAIN, COOKIE_SECURE, COOKIE_HTTPONLY);
}

return $loggedin;
Expand All @@ -76,8 +76,8 @@ function user_logout() {

if (user_loggedin()) {

setcookie(USER_COOKIE, ' ', time() - 31536000, COOKIEPATH, COOKIE_DOMAIN, COOKIE_SECURE);
setcookie(PASS_COOKIE, ' ', time() - 31536000, COOKIEPATH, COOKIE_DOMAIN, COOKIE_SECURE);
setcookie(USER_COOKIE, ' ', time() - 31536000, COOKIEPATH, COOKIE_DOMAIN, COOKIE_SECURE, COOKIE_HTTPONLY);
setcookie(PASS_COOKIE, ' ', time() - 31536000, COOKIEPATH, COOKIE_DOMAIN, COOKIE_SECURE, COOKIE_HTTPONLY);
}

$loggedin = false;
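Review bot: Both setcookie calls in user_login now carry HttpOnly with the arguments in the right order, but the line above them, `// session_regenerate_id();`, still leaves the session id unrotated at login, and the PASS_COOKIE written from `$user ['password']` keeps its one-year expiry; HttpOnly only removes script access to these cookies and changes neither. If `$user['password']` holds the stored hash (not visible in the hunk) it remains a year-long credential equivalent, so consider re-enabling `session_regenerate_id(true);` at that point and reviewing whether the expiry needs to be that long. user_login's signature is on the hunk header and user_logout's body continues past the hunk.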
22 changes: 11 additions & 11 deletions fp-includes/core/core.wp-pluggable-funcs.php
Expand Up @@ -6,7 +6,7 @@
*/
function _get_nextprev_link($nextprev) {
global $fpdb;
$q = & $fpdb->getQuery();
$q = &$fpdb->getQuery();

list ($caption, $id) = call_user_func(array(
&$q,
Expand Down Expand Up @@ -42,7 +42,7 @@ function _get_nextprev_link($nextprev) {

function get_nextpage_link() {
global $fpdb;
$q = & $fpdb->getQuery();
$q = &$fpdb->getQuery();

$a = _get_nextprev_link('NextPage');

Expand All @@ -59,7 +59,7 @@ function get_nextpage_link() {

function get_prevpage_link() {
global $fpdb;
$q = & $fpdb->getQuery();
$q = &$fpdb->getQuery();

$a = _get_nextprev_link('PrevPage');

Expand Down Expand Up @@ -292,23 +292,23 @@ function wp_setcookie($username, $password, $already_md5 = false, $home = '', $s
$cookiehash = md5($siteurl);
}

setcookie('wordpressuser_' . $cookiehash, $username, time() + 31536000, $cookiepath, COOKIE_SECURE);
setcookie('wordpresspass_' . $cookiehash, $password, time() + 31536000, $cookiepath, COOKIE_SECURE);
setcookie('wordpressuser_' . $cookiehash, $username, time() + 31536000, $cookiepath, COOKIE_SECURE, COOKIE_HTTPONLY);
setcookie('wordpresspass_' . $cookiehash, $password, time() + 31536000, $cookiepath, COOKIE_SECURE, COOKIE_HTTPONLY);

if ($cookiepath != $sitecookiepath) {
setcookie('wordpressuser_' . $cookiehash, $username, time() + 31536000, $sitecookiepath, COOKIE_SECURE);
setcookie('wordpresspass_' . $cookiehash, $password, time() + 31536000, $sitecookiepath, COOKIE_SECURE);
setcookie('wordpressuser_' . $cookiehash, $username, time() + 31536000, $sitecookiepath, COOKIE_SECURE, COOKIE_HTTPONLY);
setcookie('wordpresspass_' . $cookiehash, $password, time() + 31536000, $sitecookiepath, COOKIE_SECURE, COOKIE_HTTPONLY);
}
}
endif;

if (!function_exists('wp_clearcookie')) :

function wp_clearcookie() {
setcookie('wordpressuser_' . COOKIEHASH, ' ', time() - 31536000, COOKIEPATH, COOKIE_SECURE);
setcookie('wordpresspass_' . COOKIEHASH, ' ', time() - 31536000, COOKIEPATH, COOKIE_SECURE);
setcookie('wordpressuser_' . COOKIEHASH, ' ', time() - 31536000, SITECOOKIEPATH, COOKIE_SECURE);
setcookie('wordpresspass_' . COOKIEHASH, ' ', time() - 31536000, SITECOOKIEPATH, COOKIE_SECURE);
setcookie('wordpressuser_' . COOKIEHASH, ' ', time() - 31536000, COOKIEPATH, COOKIE_SECURE, COOKIE_HTTPONLY);
setcookie('wordpresspass_' . COOKIEHASH, ' ', time() - 31536000, COOKIEPATH, COOKIE_SECURE, COOKIE_HTTPONLY);
setcookie('wordpressuser_' . COOKIEHASH, ' ', time() - 31536000, SITECOOKIEPATH, COOKIE_SECURE, COOKIE_HTTPONLY);
setcookie('wordpresspass_' . COOKIEHASH, ' ', time() - 31536000, SITECOOKIEPATH, COOKIE_SECURE, COOKIE_HTTPONLY);
}
endif;

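Review bot: The three `$q = &$fpdb->getQuery();` hunks in _get_nextprev_link, get_nextpage_link and get_prevpage_link change only the whitespace after `&` and are unrelated to the cookie-flag change; folding a formatting edit into a security commit makes the security-relevant lines harder to audit, so they belong in a separate commit. In wp_setcookie and wp_clearcookie each function's four setcookie calls differ only in the path argument, so a loop over the two paths, guarded by the existing `$cookiepath != $sitecookiepath` check in wp_setcookie, would halve the repeated flag lists and leave a single place to get the argument order right. wp_setcookie's signature and the beginning of its body are outside the hunk.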
