Support » Plugin: Google Apps Login » Session Cookie Missing ‘HttpOnly’ Attribute

  • Our security scorecard dropped after installing this plugin since the wordpress_google_apps_login cookie does not set the ‘HttpOnly’ attribute. Is there any way to change that?

Viewing 3 replies - 1 through 3 (of 3 total)
  • Plugin Author levertechadmin

    (@levertechadmin)

    Hello Starmindr,

    Greetings from the WP-Glogin team!

    Thank you for contacting us with your concern. In order to your concern I would like to request you can you please forward your concern on contact@wp-glogin.com our technical team can better assist you in this matter.

    Thanks & Regards

    Why can’t we get an answer on here, as this affects myself and probably other users?

    • This reply was modified 3 weeks, 6 days ago by dilbert16588.
    Plugin Author levertechadmin

    (@levertechadmin)

    Hello @dilbert16588,

    Greetings of the day!

    Thank you so much for your feedback on this.

    In order to your concern why we ask to forward your concern is we have a technical team on contact@wp-glogin.com. Our technical team personally look into clients issue and try to resolve the concern as soon as possible.

    Our customer support team will respond you within 24 hours in working days.

    Now in order to your concern about HttpOnly attribute issue I would like to suggest please go to your plugins folders and find the file named core_google_apps_login.php which is located in google-apps-login/core/.

    Open that file and find the code given below.

    setcookie(self::$gal_cookie_name, $this->get_cookie_value(), 0, ‘/’, defined(‘COOKIE_DOMAIN’) ? COOKIE_DOMAIN : ”, $secure );

    replace this code with

    setcookie(self::$gal_cookie_name, $this->get_cookie_value(), 0, ‘/’, defined(‘COOKIE_DOMAIN’) ? COOKIE_DOMAIN : ”, $secure, true );

    I hope this will helps you to resolve your concern if not I would like to suggest please forward your concern on contact@wp-glogin.com our customer support team will look into this for you and try to resolve your concern as soon as possible.

    Thanks & Regards,

Viewing 3 replies - 1 through 3 (of 3 total)
  • You must be logged in to reply to this topic.