Skip to content
Snippets Groups Projects
  • Jaime Pérez's avatar
    8756835b
    SimpleSAML_Session should set the auth token using the... · 8756835b
    Jaime Pérez authored
    SimpleSAML_Session should set the auth token using the SimpleSAML\Utils\HTTP::setCookie(), instead of the setCookie() method provided by session handlers.
    
    The SimpleSAML_SessionHandler::setCookie() method should be used only to set the session cookie, not random cookies. If we want cookies to have the same parameters as session cookies, we can always get the session parameters calling SimpleSAML_SessionHandler::getSessionParams() and pass them to SimpleSAML\Utils\HTTP::setCookie().
    8756835b
    History
    SimpleSAML_Session should set the auth token using the...
    Jaime Pérez authored
    SimpleSAML_Session should set the auth token using the SimpleSAML\Utils\HTTP::setCookie(), instead of the setCookie() method provided by session handlers.
    
    The SimpleSAML_SessionHandler::setCookie() method should be used only to set the session cookie, not random cookies. If we want cookies to have the same parameters as session cookies, we can always get the session parameters calling SimpleSAML_SessionHandler::getSessionParams() and pass them to SimpleSAML\Utils\HTTP::setCookie().
Code owners
Assign users and groups as approvers for specific file changes. Learn more.