From b4de7baf2a2fe8011b68e4fe464d031666b78202 Mon Sep 17 00:00:00 2001
From: ryan <ryan@1a063a9b-81f0-0310-95a4-ce76da25c4cd>
Date: Thu, 4 Sep 2008 19:55:30 +0000
Subject: [PATCH] HttpOnly for PHP < 5.2. Props _ck_. see #7677

git-svn-id: http://svn.automattic.com/wordpress/trunk@8808 1a063a9b-81f0-0310-95a4-ce76da25c4cd
---
 wp-includes/pluggable.php | 8 ++++----
 1 file changed, 4 insertions(+), 4 deletions(-)

diff --git a/wp-includes/pluggable.php b/wp-includes/pluggable.php
index a57aa3ff52..12cc0abadd 100644
--- a/wp-includes/pluggable.php
+++ b/wp-includes/pluggable.php
@@ -642,11 +642,11 @@ function wp_set_auth_cookie($user_id, $remember = false, $secure = '') {
 		if ( COOKIEPATH != SITECOOKIEPATH )
 			setcookie(LOGGED_IN_COOKIE, $logged_in_cookie, $expire, SITECOOKIEPATH, COOKIE_DOMAIN, false, true);
 	} else {
-		setcookie($auth_cookie_name, $auth_cookie, $expire, PLUGINS_COOKIE_PATH, COOKIE_DOMAIN, $secure);
-		setcookie($auth_cookie_name, $auth_cookie, $expire, ADMIN_COOKIE_PATH, COOKIE_DOMAIN, $secure);
-		setcookie(LOGGED_IN_COOKIE, $logged_in_cookie, $expire, COOKIEPATH, COOKIE_DOMAIN);
+		setcookie($auth_cookie_name, $auth_cookie, $expire, PLUGINS_COOKIE_PATH, COOKIE_DOMAIN . '; HttpOnly', $secure);
+		setcookie($auth_cookie_name, $auth_cookie, $expire, ADMIN_COOKIE_PATH, COOKIE_DOMAIN . '; HttpOnly', $secure);
+		setcookie(LOGGED_IN_COOKIE, $logged_in_cookie, $expire, COOKIEPATH, COOKIE_DOMAIN . '; HttpOnly');
 		if ( COOKIEPATH != SITECOOKIEPATH )
-			setcookie(LOGGED_IN_COOKIE, $logged_in_cookie, $expire, SITECOOKIEPATH, COOKIE_DOMAIN);	
+			setcookie(LOGGED_IN_COOKIE, $logged_in_cookie, $expire, SITECOOKIEPATH, COOKIE_DOMAIN . '; HttpOnly');	
 	}
 }
 endif;