Enhance Clef state and session cookie flags

clef / clef-wordpress

The official Clef plugin for WordPress.

http://wordpress.org/plugins/wpclef

44 stars 24 forks source link

Closed lolux closed 8 years ago

lolux commented 8 years ago

Add httponly flag to wordpress_clef_session cookie
Conditionally add secure flag to wordpress_clef_session and wordpress_clef_state cookies
In the condition for the secure flag, add support for reverse-proxy-based TLS a la the recommendation in codex.

jessepollak commented 8 years ago

LGTM other than my one style comment.