Skip to content

Commit

Permalink
The secure flag was not set on session cookie. Fixed.
Browse files Browse the repository at this point in the history
  • Loading branch information
@itronics
itronics committed Dec 3, 2021
1 parent a838b69 commit ccca49a
Showing 1 changed file with 1 addition and 1 deletion.
2 changes: 1 addition & 1 deletion includes/session.inc
View file
Expand Up @@ -397,7 +397,7 @@ foreach ($installed_extensions as $ext)
ini_set('session.gc_maxlifetime', 36000); // moved from below.

$Session_manager = new SessionManager();
$Session_manager->sessionStart('FA'.md5(dirname(__FILE__)));
$Session_manager->sessionStart('FA'.md5(dirname(__FILE__)), 0, '/', null, True);

$_SESSION['SysPrefs'] = new sys_prefs();

Expand Down

2 comments on commit ccca49a

@paschauf
Copy link

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

This commit causes continuous timeouts, redirecting at every click to the login page.

@itronics
Copy link
Contributor Author

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

You probably try to contact your site with http protocol. Since 2.4.11 https access is mandatory for security reasons, unless your application is running on localhost. See demo.frontaccounting.com.

Please sign in to comment.