Vulnerability remediation

2021-05-28 15:31:54 -04:00
parent 2a8ee2d90f
commit 9043ccb0e2
18 changed files with 316 additions and 39 deletions
--- a/changelang.php
+++ b/changelang.php
@@ -16,6 +16,11 @@
 * along with this program.  If not, see <http://www.gnu.org/licenses/>.
 */

-    $app_disp_lang = filter_input(INPUT_POST, 'app_disp_lang');                 // GET SANITARY LANG CHOICE
-    setcookie ( 'app_disp_lang', $app_disp_lang, time() + 60*60*24*90);         // SET LONG COOKIE
+    $app_disp_lang = filter_input(INPUT_POST, 'app_disp_lang', FILTER_SANITIZE_STRING);                 // GET SANITARY LANG CHOICE
+    setcookie ( 'app_disp_lang', $app_disp_lang, [
+        'expires' => time() + 60*60*24*90,
+        'secure' => true,
+        'httponly' => true,
+        'samesite' => 'None',
+    ]);
    header('Location: index.php');                                              // GO HOME UNTIL WE ADD REFERER LOGIC