1 files changed, 29 insertions, 4 deletions

diff --git a/framework/Web/THttpResponse.php b/framework/Web/THttpResponse.php
index c15f2836..4d8b2e60 100644
--- a/framework/Web/THttpResponse.php
+++ b/framework/Web/THttpResponse.php
@@ -543,10 +543,27 @@ class THttpResponse extends TModule implements ITextWriter
 		if($request->getEnableCookieValidation())

 		{

 			$value=$this->getApplication()->getSecurityManager()->hashData($cookie->getValue());

-			setcookie($cookie->getName(),$value,$cookie->getExpire(),$cookie->getPath(),$cookie->getDomain(),$cookie->getSecure());

+			setcookie(

+				$cookie->getName(),

+				$value,

+				$cookie->getExpire(),

+				$cookie->getPath(),

+				$cookie->getDomain(),

+				$cookie->getSecure(),

+				$cookie->getHttpOnly()

+			);

+		}

+		else {

+			setcookie(

+				$cookie->getName(),

+				$cookie->getValue(),

+				$cookie->getExpire(),

+				$cookie->getPath(),

+				$cookie->getDomain(),

+				$cookie->getSecure(),

+				$cookie->getHttpOnly()

+			);

 		}

-		else

-			setcookie($cookie->getName(),$cookie->getValue(),$cookie->getExpire(),$cookie->getPath(),$cookie->getDomain(),$cookie->getSecure());

 	}

 

 	/**

@@ -556,7 +573,15 @@ class THttpResponse extends TModule implements ITextWriter
 	 */

 	public function removeCookie($cookie)

 	{

-		setcookie($cookie->getName(),null,0,$cookie->getPath(),$cookie->getDomain(),$cookie->getSecure());

+		setcookie(

+			$cookie->getName(),

+			null,

+			0,

+			$cookie->getPath(),

+			$cookie->getDomain(),

+			$cookie->getSecure(),

+			$cookie->getHttpOnly()

+		);

 	}

 

 	/**