From 037af6890fe6fdb84a08d3c86083e847c90ec0ad Mon Sep 17 00:00:00 2001
From: Aleksander Machniak <alec@alec.pl>
Date: Tue, 22 Oct 2013 08:17:26 -0400
Subject: [PATCH] Fix vulnerability in handling _session argument of utils/save-prefs (#1489382)

---
 program/js/googiespell.js |    6 ++----
 1 files changed, 2 insertions(+), 4 deletions(-)

diff --git a/program/js/googiespell.js b/program/js/googiespell.js
index 06aef85..478858b 100644
--- a/program/js/googiespell.js
+++ b/program/js/googiespell.js
@@ -17,8 +17,6 @@
  | Authors: 4mir Salihefendic <amix@amix.dk>                             |
  |          Aleksander Machniak - <alec [at] alec.pl>                    |
  +-----------------------------------------------------------------------+
-
-  $Id$
 */
 
 var GOOGIE_CUR_LANG,
@@ -27,7 +25,7 @@
 function GoogieSpell(img_dir, server_url, has_dict)
 {
     var ref = this,
-        cookie_value = getCookie('language');
+        cookie_value = rcmail.get_cookie('language');
 
     GOOGIE_CUR_LANG = cookie_value != null ? cookie_value : GOOGIE_DEFAULT_LANG;
 
@@ -152,7 +150,7 @@
     //Set cookie
     var now = new Date();
     now.setTime(now.getTime() + 365 * 24 * 60 * 60 * 1000);
-    setCookie('language', lan_code, now);
+    rcmail.set_cookie('language', lan_code, now);
 };
 
 this.setForceWidthHeight = function(width, height)

--
Gitblit v1.9.1