-
Notifications
You must be signed in to change notification settings - Fork 1
/
cookielifetime-roundcube-1.6.9.patch
55 lines (49 loc) · 2.72 KB
/
cookielifetime-roundcube-1.6.9.patch
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
diff -ru roundcubemail/config/defaults.inc.php roundcubemail-cookielifetime/config/defaults.inc.php
--- roundcubemail/config/defaults.inc.php 2024-01-20 11:15:04.000000000 +0100
+++ roundcubemail-cookielifetime/config/defaults.inc.php 2024-01-21 00:13:08.808418324 +0100
@@ -586,9 +586,13 @@
// 0 - hide product name and version number, 1 - show product name only, 2 - show product name and version number
$config['display_product_info'] = 1;
-// Session lifetime in minutes
+// Session lifetime in minutes (server side)
$config['session_lifetime'] = 10;
+// Cookie lifetime in minutes for session id and auth cookies
+// 0 - session cookies (expire on browser exit)
+$config['cookie_lifetime'] = 0;
+
// Session domain: .example.org
$config['session_domain'] = '';
diff -ru roundcubemail/program/lib/Roundcube/rcube.php roundcubemail-cookielifetime/program/lib/Roundcube/rcube.php
--- roundcubemail/program/lib/Roundcube/rcube.php 2024-01-20 11:15:04.000000000 +0100
+++ roundcubemail-cookielifetime/program/lib/Roundcube/rcube.php 2024-01-21 00:13:08.812418375 +0100
@@ -456,6 +456,7 @@
$sess_path = $this->config->get('session_path');
$sess_samesite = $this->config->get('session_samesite');
$lifetime = $this->config->get('session_lifetime', 0) * 60;
+ $c_lifetime = $this->config->get('cookie_lifetime', 0) * 60;
$is_secure = $this->config->get('use_https') || rcube_utils::https_check();
// set session domain
@@ -475,8 +476,7 @@
ini_set('session.gc_maxlifetime', $lifetime * 2);
}
- // set session cookie lifetime so it never expires (#5961)
- ini_set('session.cookie_lifetime', 0);
+ ini_set('session.cookie_lifetime', $c_lifetime);
ini_set('session.cookie_secure', $is_secure);
ini_set('session.name', $sess_name ?: 'roundcube_sessid');
ini_set('session.use_cookies', 1);
diff -ru roundcubemail/program/lib/Roundcube/rcube_session.php roundcubemail-cookielifetime/program/lib/Roundcube/rcube_session.php
--- roundcubemail/program/lib/Roundcube/rcube_session.php 2024-01-20 11:15:04.000000000 +0100
+++ roundcubemail-cookielifetime/program/lib/Roundcube/rcube_session.php 2024-01-21 00:13:08.812418375 +0100
@@ -713,8 +713,11 @@
*/
public function set_auth_cookie()
{
+ $clifetime = $this->config->get('cookie_lifetime', 0) * 60;
+ if (!$clifetime) { $expiration = 0; }
+ else { $expiration = time() + $clifetime; }
$this->cookie = $this->_mkcookie($this->now);
- rcube_utils::setcookie($this->cookiename, $this->cookie, 0);
+ rcube_utils::setcookie($this->cookiename, $this->cookie, $expiration);
$_COOKIE[$this->cookiename] = $this->cookie;
}