diff options
author | Steven Wittens <steven@10.no-reply.drupal.org> | 2007-01-14 02:05:15 +0000 |
---|---|---|
committer | Steven Wittens <steven@10.no-reply.drupal.org> | 2007-01-14 02:05:15 +0000 |
commit | e9e4a3a44614125b0a576740fb1894fc1fc07417 (patch) | |
tree | 02625d64a3502eda7e0ee16ac1597261842eba80 /sites | |
parent | 5790f43620b55ea9338092252fc2c93e639e3d54 (diff) | |
download | brdo-e9e4a3a44614125b0a576740fb1894fc1fc07417.tar.gz brdo-e9e4a3a44614125b0a576740fb1894fc1fc07417.tar.bz2 |
#108663: Fix edge case for cookie domains (conform to RFC 2109)
Diffstat (limited to 'sites')
-rw-r--r-- | sites/default/settings.php | 6 |
1 files changed, 5 insertions, 1 deletions
diff --git a/sites/default/settings.php b/sites/default/settings.php index 89d3de362..a6cbd050b 100644 --- a/sites/default/settings.php +++ b/sites/default/settings.php @@ -142,7 +142,11 @@ ini_set('url_rewriter.tags', ''); */ if (isset($_SERVER['HTTP_HOST'])) { $domain = '.'. preg_replace('`^www.`', '', $_SERVER['HTTP_HOST']); - ini_set('session.cookie_domain', $domain); + // Per RFC 2109, cookie domains must contain at least one dot other than the + // first. For hosts such as 'localhost', we don't set a cookie domain. + if (count(explode('.', $domain)) > 2) { + ini_set('session.cookie_domain', $domain); + } } /** |