Vulnerability remediation

2021-05-28 15:31:54 -04:00
parent 2a8ee2d90f
commit 9043ccb0e2
18 changed files with 316 additions and 39 deletions
--- a/changesite.php
+++ b/changesite.php
@@ -16,6 +16,11 @@
 * along with this program.  If not, see <http://www.gnu.org/licenses/>.
 */

-    $site = filter_input(INPUT_POST, 'site');                                   // GET SANITARY SITE CHOICE
-    setcookie ( 'app_site', $site, time() + 60*60*24*90);                       // SET SITE COOKIE
+    $site = filter_input(INPUT_POST, 'site', FILTER_SANITIZE_STRING);                                   // GET SANITARY SITE CHOICE
+    setcookie ( 'app_site', $site, [
+        'expires' => time() + 60*60*24*90,
+        'secure' => true,
+        'httponly' => true,
+        'samesite' => 'None',
+    ]);
    header('Location: index.php');                                              // GO HOME UNTIL WE ADD REFERER LOGIC