diff options
author | wclouser@mozilla.com <wclouser@mozilla.com@4eb1ac78-321c-0410-a911-ec516a8615a5> | 2007-04-19 07:36:05 (GMT) |
---|---|---|
committer | wclouser@mozilla.com <wclouser@mozilla.com@4eb1ac78-321c-0410-a911-ec516a8615a5> | 2007-04-19 07:36:05 (GMT) |
commit | 13800287992deb26e3f44ff12fea3194f3cf4ce9 (patch) | |
tree | ebdbeee7c573052f93c10e6719fc082168c08639 /site/app/app_controller.php | |
parent | df8cb0b7fce3a9470cf2b2441ed31542b92b8103 (diff) |
Patch to fix 375010
git-svn-id: http://svn.mozilla.org/addons/trunk@3403 4eb1ac78-321c-0410-a911-ec516a8615a5
Diffstat (limited to 'site/app/app_controller.php')
-rw-r--r-- | site/app/app_controller.php | 11 |
1 files changed, 2 insertions, 9 deletions
diff --git a/site/app/app_controller.php b/site/app/app_controller.php index 69d0c9b..ccfbffc 100644 --- a/site/app/app_controller.php +++ b/site/app/app_controller.php @@ -304,19 +304,12 @@ class AppController extends Controller switch ($level) { case 'low': - ini_set('session.referer_check',''); + define('CAKE_SECURITY', 'low'); break; case 'high': default: - $_host = env('HTTP_HOST'); - - // Pulled from cake/libs/session.php - if (strpos($_host, ':') !== false) { - $_host = substr($_host, 0, strpos($_host, ':')); - } - - ini_set('session.referer_check',$_host); + define('CAKE_SECURITY', 'high'); break; } } |