[SM-USERS] secure cookie flag

Ralf Utermann Mon, 24 Mar 2003 06:12:45 -0800

Hi,

the cookie, which squirrelmail uses to store the users (encrypted)
password, could be set with the 'secure flag' on. (and should be
set probably: http://pdos.lcs.mit.edu/cookies/pubs/webauth.html)


Maybe somebody has already built a patch for conf.pl to add a 
possibility to set this? Looks like it works if one modifies
session_set_cookie_params() and setcookie() in  src/redirect.php

Regards, Ralf
-- 
        Ralf Utermann
_____________________________________________________________________
        Universität Augsburg, Institut für Physik   --   EDV-Betreuer
        Universitätsstr.1             
        D-86135 Augsburg                     Phone:  +49-821-598-3231
        SMTP: [EMAIL PROTECTED]         Fax: -3411


-------------------------------------------------------
This sf.net email is sponsored by:ThinkGeek
Welcome to geek heaven.
http://thinkgeek.com/sf
--
squirrelmail-users mailing list
List Address: [EMAIL PROTECTED]
List Archives:  http://sourceforge.net/mailarchive/forum.php?forum_id=2995
List Info: https://lists.sourceforge.net/lists/listinfo/squirrelmail-users

[SM-USERS] secure cookie flag

Reply via email to