From be788ba986406c554f0746697bd9fe97a2c0f6f2 Mon Sep 17 00:00:00 2001
From: xue <>
Date: Mon, 13 Feb 2006 02:49:38 +0000
Subject: Removed host address and user agent from cookie validation
 information.

---
 framework/Web/THttpResponse.php | 4 +---
 1 file changed, 1 insertion(+), 3 deletions(-)

(limited to 'framework/Web/THttpResponse.php')

diff --git a/framework/Web/THttpResponse.php b/framework/Web/THttpResponse.php
index 5fed2167..1607b9d5 100644
--- a/framework/Web/THttpResponse.php
+++ b/framework/Web/THttpResponse.php
@@ -352,9 +352,7 @@ class THttpResponse extends TModule implements ITextWriter
 		$request=$this->getRequest();
 		if($request->getEnableCookieValidation())
 		{
-			$sig=$request->getUserHostAddress().$request->getUserAgent();
-			$data=serialize(array($sig,$cookie->getValue()));
-			$value=$this->getApplication()->getSecurityManager()->hashData($data);
+			$value=$this->getApplication()->getSecurityManager()->hashData($cookie->getValue());
 			setcookie($cookie->getName(),$value,$cookie->getExpire(),$cookie->getPath(),$cookie->getDomain(),$cookie->getSecure());
 		}
 		else
-- 
cgit v1.2.3