From: Michael Wallner <mike@php.net>
Date: Fri, 15 May 2015 13:12:16 +0000 (+0200)
Subject: limit cookie path to baseurl by default
X-Git-Url: https://git.m6w6.name/?p=pharext%2Fpharext.org;a=commitdiff_plain;h=278669c548e427182ba7098811bc74c368108acc

limit cookie path to baseurl by default
---

diff --git a/app/Session.php b/app/Session.php
index f2a5dbd..af1b8e7 100644
--- a/app/Session.php
+++ b/app/Session.php
@@ -8,7 +8,8 @@ use http\Params;
 
 class Session implements ArrayAccess
 {
-	function __construct(Config $config, Response $response) {
+	function __construct(Config $config, BaseUrl $baseUrl, Response $response) {
+		ini_set("session.cookie_path", $baseUrl->path);
 		foreach ($config->session as $key => $val) {
 			ini_set("session.$key", $val);
 		}