Commit fc034ad4 authored by Christophe Maudoux's avatar Christophe Maudoux 🐛

Impersonation with doubleCookie (#1746)

parent 95c08b89
......@@ -141,9 +141,12 @@ sub run {
$req->steps( [ $self->p->validSession, @{ $self->p->endAuth } ] );
# Restore _httpSession for double Cookies
$req->{sessionInfo}->{_httpSession} =
$req->{sessionInfo}->{real__httpSession}
if $req->{sessionInfo}->{real__httpSession};
if ( $self->conf->{securedCookie} >= 2 ) {
$self->p->updateSession( $req, $spoofSession,
$req->{sessionInfo}->{real__httpSession} );
$req->{sessionInfo}->{_httpSession} =
$req->{sessionInfo}->{real__httpSession};
}
return $statut;
}
......
Markdown is supported
0% or
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment