From 53eda19fa2efed997405075ad003aa7a94d31563 Mon Sep 17 00:00:00 2001
From: rojaro <>
Date: Fri, 21 Jan 2011 12:39:42 +0000
Subject: fixed #304

---
 framework/Web/THttpResponse.php | 33 +++++++++++++++++++++++++++++----
 1 file changed, 29 insertions(+), 4 deletions(-)

(limited to 'framework/Web/THttpResponse.php')

diff --git a/framework/Web/THttpResponse.php b/framework/Web/THttpResponse.php
index 1e5540ab..21816b61 100644
--- a/framework/Web/THttpResponse.php
+++ b/framework/Web/THttpResponse.php
@@ -544,10 +544,27 @@ class THttpResponse extends TModule implements ITextWriter
 		if($request->getEnableCookieValidation())
 		{
 			$value=$this->getApplication()->getSecurityManager()->hashData($cookie->getValue());
-			setcookie($cookie->getName(),$value,$cookie->getExpire(),$cookie->getPath(),$cookie->getDomain(),$cookie->getSecure());
+			setcookie(
+				$cookie->getName(),
+				$value,
+				$cookie->getExpire(),
+				$cookie->getPath(),
+				$cookie->getDomain(),
+				$cookie->getSecure(),
+				$cookie->getHttpOnly()
+			);
+		}
+		else {
+			setcookie(
+				$cookie->getName(),
+				$cookie->getValue(),
+				$cookie->getExpire(),
+				$cookie->getPath(),
+				$cookie->getDomain(),
+				$cookie->getSecure(),
+				$cookie->getHttpOnly()
+			);
 		}
-		else
-			setcookie($cookie->getName(),$cookie->getValue(),$cookie->getExpire(),$cookie->getPath(),$cookie->getDomain(),$cookie->getSecure());
 	}
 
 	/**
@@ -557,7 +574,15 @@ class THttpResponse extends TModule implements ITextWriter
 	 */
 	public function removeCookie($cookie)
 	{
-		setcookie($cookie->getName(),null,0,$cookie->getPath(),$cookie->getDomain(),$cookie->getSecure());
+		setcookie(
+			$cookie->getName(),
+			null,
+			0,
+			$cookie->getPath(),
+			$cookie->getDomain(),
+			$cookie->getSecure(),
+			$cookie->getHttpOnly()
+		);
 	}
 
 	/**
-- 
cgit v1.2.3