libretic/etherpad-lite
6
0
Fork 0
Code Issues Pull requests Projects Releases Packages Wiki Activity

Make express-session cookie scheme dependent

Browse source
This commit is contained in:
Stefan 2016-07-10 12:44:45 +02:00
parent 4ea9c4f98d
commit 009b61b338
2 changed files with 2 additions and 39 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

2
src/node/hooks/express/webaccess.js
View file

@ -120,7 +120,7 @@ exports.expressConfigure = function (hook_name, args, cb) {
}
args.app.sessionStore = exports.sessionStore;
args.app.use(sessionModule({secret: exports.secret, store: args.app.sessionStore, resave: true, saveUninitialized: true, name: 'express_sid', proxy: true, cookie: { secure: true }}));
args.app.use(sessionModule({secret: exports.secret, store: args.app.sessionStore, resave: true, saveUninitialized: true, name: 'express_sid', proxy: true, cookie: { secure: !!settings.ssl }}));
args.app.use(cookieParser(settings.sessionKey, {}));

39
src/static/js/pad.js
View file

@ -52,43 +52,6 @@ var hooks = require('./pluginfw/hooks');
var receivedClientVars = false;
function createCookie(name, value, days, path){ /* Warning Internet Explorer doesn't use this it uses the one from pad_utils.js */
if (days)
{
var date = new Date();
date.setTime(date.getTime() + (days * 24 * 60 * 60 * 1000));
var expires = "; expires=" + date.toGMTString();
}
else{
var expires = "";
}
if(!path){ // If the path isn't set then just whack the cookie on the root path
path = "/";
}
//Check if the browser is IE and if so make sure the full path is set in the cookie
if((navigator.appName == 'Microsoft Internet Explorer') || ((navigator.appName == 'Netscape') && (new RegExp("Trident/.*rv:([0-9]{1,}[\.0-9]{0,})").exec(navigator.userAgent) != null))){
document.cookie = name + "=" + value + expires + "; path="+document.location;
}
else{
document.cookie = name + "=" + value + expires + "; path=" + path;
}
}
function readCookie(name)
{
var nameEQ = name + "=";
var ca = document.cookie.split(';');
for (var i = 0; i < ca.length; i++)
{
var c = ca[i];
while (c.charAt(0) == ' ') c = c.substring(1, c.length);
if (c.indexOf(nameEQ) == 0) return c.substring(nameEQ.length, c.length);
}
return null;
}
function randomString()
{
var chars = "0123456789ABCDEFGHIJKLMNOPQRSTUVWXYZabcdefghijklmnopqrstuvwxyz";
@ -500,7 +463,7 @@ var pad = {
handshake();
// To use etherpad you have to allow cookies.
// This will check if the creation of a test-cookie has success.
// This will check if the prefs-cookie is set.
// Otherwise it shows up a message to the user.
if (!readCookie("prefs"))
{