From 75e4dd8a2ec6c181e99877919b5a2b529407752a Mon Sep 17 00:00:00 2001
From: Gerrit Uitslag
Date: Tue, 8 Oct 2013 00:06:46 +0200
Subject: Use in cookie a correct path, added DOKU_COOKIEPATH to js constants Fixes FS#2837
---
 inc/common.php | 3 ++-
 lib/exe/js.php | 1 +
 lib/scripts/cookie.js | 2 +-
 3 files changed, 4 insertions(+), 2 deletions(-)
diff --git a/inc/common.php b/inc/common.php
index 3312141c8..866e0aadd 100644
--- a/inc/common.php
+++ b/inc/common.php
@@ -1625,7 +1625,8 @@ function set_doku_pref($pref, $val) {
 }
 if (!empty($cookieVal)) {
- setcookie('DOKU_PREFS', $cookieVal, time()+365*24*3600, DOKU_BASE, '', ($conf['securecookie'] && is_ssl()));
+ $cookieDir = empty($conf['cookiedir']) ? DOKU_REL : $conf['cookiedir'];
+ setcookie('DOKU_PREFS', $cookieVal, time()+365*24*3600, $cookieDir, '', ($conf['securecookie'] && is_ssl()));
 }
 }
diff --git a/lib/exe/js.php b/lib/exe/js.php
index 76238a81b..fc7a869c2 100644
--- a/lib/exe/js.php
+++ b/lib/exe/js.php
@@ -89,6 +89,7 @@ function js_out(){
 // add some global variables
 print "var DOKU_BASE = '".DOKU_BASE."';";
 print "var DOKU_TPL = '".tpl_basedir()."';";
+ print "var DOKU_COOKIEPATH = '" . (empty($conf['cookiedir']) ? DOKU_REL : $conf['cookiedir']) . "';";
 // FIXME: Move those to JSINFO
 print "var DOKU_UHN = ".((int) useHeading('navigation')).";";
 print "var DOKU_UHC = ".((int) useHeading('content')).";";
diff --git a/lib/scripts/cookie.js b/lib/scripts/cookie.js
index 3ad67bfa4..4cb527f26 100644
--- a/lib/scripts/cookie.js
+++ b/lib/scripts/cookie.js
@@ -30,7 +30,7 @@ var DokuCookie = {
 text.push(encodeURIComponent(key)+'#'+encodeURIComponent(val));
 }
 });
- jQuery.cookie(this.name, text.join('#'), {expires: 365, path: DOKU_BASE});
+ jQuery.cookie(this.name, text.join('#'), {expires: 365, path: DOKU_COOKIEPATH});
 },
 /**
--
cgit v1.2.3
From df5d307ea8bac1f5030d42af363ae9f7469a63f2 Mon Sep 17 00:00:00 2001
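Review bot: In inc/common.php, set_doku_pref() now writes DOKU_PREFS under `$cookieDir`, but nothing expires a cookie the browser may already hold from the old `DOKU_BASE` path argument. Where the two paths differ, both cookies are sent with the same name and which value the reader picks is not defined, so a stored preference can appear to revert. A one-time expiry of the old cookie next to the new call would cover it, for example `setcookie('DOKU_PREFS', '', time()-3600, DOKU_BASE);`; the `jQuery.cookie` call in the lib/scripts/cookie.js hunk has the same gap. The body of set_doku_pref() starts outside the hunk.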
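Review bot: In lib/exe/js.php the added `DOKU_COOKIEPATH` line concatenates `$conf['cookiedir']` into a single-quoted JavaScript literal without escaping, so a quote, backslash or line break in that setting breaks the generated script or changes what it runs. The value is configuration rather than request input, but it should still go through an encoder: `print "var DOKU_COOKIEPATH = " . json_encode(empty($conf['cookiedir']) ? DOKU_REL : $conf['cookiedir']) . ";";`. The `DOKU_BASE` and `DOKU_TPL` context lines just above use the same unescaped pattern. js_out() begins and ends outside the hunk.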
From: Gerrit Uitslag
Date: Thu, 10 Oct 2013 15:53:03 +0200
Subject: add cookie secure parameter to cookies set by javascript
---
 lib/exe/js.php | 8 ++++++--
 lib/scripts/cookie.js | 2 +-
 2 files changed, 7 insertions(+), 3 deletions(-)
diff --git a/lib/exe/js.php b/lib/exe/js.php
index fc7a869c2..040b8874d 100644
--- a/lib/exe/js.php
+++ b/lib/exe/js.php
@@ -86,16 +86,20 @@ function js_out(){
 // start output buffering and build the script
 ob_start();
+ $json = new JSON();
 // add some global variables
 print "var DOKU_BASE = '".DOKU_BASE."';";
 print "var DOKU_TPL = '".tpl_basedir()."';";
- print "var DOKU_COOKIEPATH = '" . (empty($conf['cookiedir']) ? DOKU_REL : $conf['cookiedir']) . "';";
+ print "var DOKU_COOKIE_PARAM = " . $json->encode(
+ array(
+ 'path' => empty($conf['cookiedir']) ? DOKU_REL : $conf['cookiedir'],
+ 'secure' => $conf['securecookie'] && is_ssl()
+ )).";";
 // FIXME: Move those to JSINFO
 print "var DOKU_UHN = ".((int) useHeading('navigation')).";";
 print "var DOKU_UHC = ".((int) useHeading('content')).";";
 // load JS specific translations
- $json = new JSON();
 $lang['js']['plugins'] = js_pluginstrings();
 $templatestrings = js_templatestrings();
 if(!empty($templatestrings)) {
diff --git a/lib/scripts/cookie.js b/lib/scripts/cookie.js
index 4cb527f26..8417d2064 100644
--- a/lib/scripts/cookie.js
+++ b/lib/scripts/cookie.js
@@ -30,7 +30,7 @@ var DokuCookie = {
 text.push(encodeURIComponent(key)+'#'+encodeURIComponent(val));
 }
 });
- jQuery.cookie(this.name, text.join('#'), {expires: 365, path: DOKU_COOKIEPATH});
+ jQuery.cookie(this.name, text.join('#'), {expires: 365, path: DOKU_COOKIE_PARAM.path, secure: DOKU_COOKIE_PARAM.secure});
 },
 /**
--
cgit v1.2.3
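Review bot: In lib/exe/js.php the `secure` member of `DOKU_COOKIE_PARAM` is taken from `is_ssl()` while the script is built inside the `ob_start()` buffer, so the flag describes the request that generated the output, not the one that later loads it. If that buffered output is cached or shared between HTTP and HTTPS requests (not visible in this hunk, please confirm), an HTTPS visitor can be handed `secure: false` and the preference cookie then also travels over plain HTTP, while an HTTP visitor handed `secure: true` may never get the cookie stored. Either make sure any cache key includes the scheme, or record the constraint next to the array with a comment such as `// 'secure' depends on is_ssl(): this output must not be shared between http and https`. js_out() begins and ends outside the hunk.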