PM-2039 "Las cookies de sesion no se ha definido con el flag..." SOLVED

Issue: Las cookies de sesion no se ha definido con el flag HttpOnly esta debe definirse para mitigar ataques de tipo cross-site scripting. Cause: No se a definido el parametro "httponly" al momento de usar la funcion "setcookie" Solution: Se define el parametro "httponly" al momento de usar la funcion "setcookie"
2015-04-13 11:59:47 -04:00
parent cffa3f095d
commit 2545468c19
7 changed files with 29 additions and 18 deletions
--- a/workflow/engine/classes/model/DashletInstance.php
+++ b/workflow/engine/classes/model/DashletInstance.php
@@ -18,7 +18,7 @@ class DashletInstance extends BaseDashletInstance
 {
    private $filterThisFields = array('DAS_INS_UID', 'DAS_UID', 'DAS_INS_OWNER_TYPE', 'DAS_INS_OWNER_UID',
                                    'DAS_INS_CREATE_DATE', 'DAS_INS_UPDATE_DATE', 'DAS_INS_STATUS',
-                                    'pmos_generik', 'ys-admin-tabpanel', 'PHPSESSID');
+                                    "pm_sys_sys", "ys-admin-tabpanel", "PHPSESSID");

    public function load($dasInsUid)
    {