From 4a32b376b9f512a66ddf6d9a627e9b17376b92dc Mon Sep 17 00:00:00 2001
From: Mohamed Nizar
Date: Wed, 2 Dec 2020 12:06:54 +0530
Subject: [PATCH 1/3] enable secure flag on session #303

---
 config/app.php | 8 +++++++-
 1 file changed, 7 insertions(+), 1 deletion(-)

diff --git a/config/app.php b/config/app.php
index c04a0e1b..fd6b253e 100755
--- a/config/app.php
+++ b/config/app.php
@@ -336,7 +336,13 @@
 * To use database sessions, load the SQL file located at config/Schema/sessions.sql
 */
 'Session' => [
- 'defaults' => 'php',
+ 'defaults' => 'cake',
+ 'timeout' => 30,
+ 'cookieTimeout' => 30,
+ 'ini' => array(
+ 'session.cookie_secure' => true,
+ 'session.cookie_httponly' => true
+ )
 // 'defaults' => 'cache',
 ],
 'debug' => true

From 59e3de5d68c0be44ffd29ee0470873132cb16e42 Mon Sep 17 00:00:00 2001
From: Mohamed Nizar
Date: Wed, 2 Dec 2020 18:28:42 +0530
Subject: [PATCH 2/3] remove session id on payload #301

---
 .htaccess | 3 +++
 .../src/Model/Traits/SecurityTrait.php | 14 --------------
 webroot/.htaccess | 4 +++-
 3 files changed, 6 insertions(+), 15 deletions(-)

diff --git a/.htaccess b/.htaccess
index 3624246b..d79ff15c 100755
--- a/.htaccess
+++ b/.htaccess
@@ -4,4 +4,7 @@
 RewriteRule ^$ webroot/ [L]
 RewriteRule (.*) webroot/$1 [L]
+
+ php_flag session.use_trans_sid off
+
diff --git a/plugins/ControllerAction/src/Model/Traits/SecurityTrait.php b/plugins/ControllerAction/src/Model/Traits/SecurityTrait.php
index 26d27af5..2d949695 100755
--- a/plugins/ControllerAction/src/Model/Traits/SecurityTrait.php
+++ b/plugins/ControllerAction/src/Model/Traits/SecurityTrait.php
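Review bot: The new `'ini' => array(` block uses the long array syntax while the rest of this config file uses `[]`; write it as `'ini' => [ … ],` with a trailing comma so it matches the surrounding style. With `session.cookie_secure` set, the session cookie is only sent over HTTPS, so any plain-HTTP environment (typically local development) silently loses its session; that consequence deserves a one-line comment next to the setting, e.g. `// requires HTTPS: the session cookie is never sent over plain HTTP`. If the runtime is PHP 7.3 or newer, `'session.cookie_samesite' => 'Lax',` belongs in the same array, since cookie hardening is the commit's purpose. The switch from `'defaults' => 'php'` to `'cake'` and the two 30-minute timeouts are unrelated to the subject line and would be clearer as a separate commit, or at least named in the message.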
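Review bot: `php_flag session.use_trans_sid off` is only understood when PHP runs as an Apache module; under php-fpm or any FastCGI setup Apache rejects the unknown directive and every request into that directory fails with a 500, so the line belongs inside an `<IfModule>` guard for the PHP module or, better, in the `'ini'` array of the `Session` config in config/app.php as `'session.use_trans_sid' => false`, which applies regardless of SAPI. The same directive is added again in this commit's webroot/.htaccess hunk, so whichever form is chosen should live in one place. Note that use_trans_sid is already 0 by default in PHP, so this is a defensive setting rather than a fix on its own; the substantive change for #301 is in SecurityTrait.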
@@ -68,25 +68,11 @@ public function paramsDecode($params)
 $signature = $this->urlsafeB64Decode($signature);
 $payload = json_decode($payload, true);
- $sessionId = Security::hash('session_id', 'sha256');
- if (!isset($payload[$sessionId])) {
- throw new SecurityException('No session id in payload');
- } else {
- $checkPayload = $payload;
- $checkPayload[$sessionId] = session_id();
- $checkSignature = Security::hash(json_encode($checkPayload), 'sha256', true);
- if ($signature !== $checkSignature) {
- throw new SecurityException('Query String has been tampered');
- }
- }
- unset($payload[$sessionId]);
 return $payload;
 }

 public function paramsEncode($params = [])
 {
- $sessionId = Security::hash('session_id', 'sha256');
- $params[$sessionId] = session_id();
 $jsonParam = json_encode($params);
 $base64Param = $this->urlsafeB64Encode($jsonParam);
 $signature = Security::hash($jsonParam, 'sha256', true);
diff --git a/webroot/.htaccess b/webroot/.htaccess
index d8b9a05e..a96b930a 100755
--- a/webroot/.htaccess
+++ b/webroot/.htaccess
@@ -4,4 +4,6 @@
 RewriteCond %{REQUEST_URI} !=/server-status
 RewriteRule ^ index.php [L]
-
+
+ php_flag session.use_trans_sid off
+

From 509b947fb81c7926068d51825451693704b35619 Mon Sep 17 00:00:00 2001
From: Mohamed Nizar
Date: Wed, 2 Dec 2020 18:40:09 +0530
Subject: [PATCH 3/3] disable session endpoint #304

---
 config/routes.php | 22 ++++++++++------------
 1 file changed, 10 insertions(+), 12 deletions(-)

diff --git a/config/routes.php b/config/routes.php
index 42e55829..0744cb7e 100755
--- a/config/routes.php
+++ b/config/routes.php
@@ -67,8 +67,6 @@
 */
 $routes->connect('/pages/*', ['controller' => 'Pages', 'action' => 'display']);
-
-
 /**
 * Connect catchall routes for all controllers.
 *
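Review bot: paramsDecode no longer verifies the signature at all: `$signature` is decoded on the hunk's first line and then never compared with anything, because the removed block held the only comparison, while paramsEncode still signs `$jsonParam`; unless a check exists above line 68 (the function starts outside the hunk), an altered base64 payload is now accepted as genuine. Dropping the session id from the signed data is the intent of the commit, but the comparison should stay, computed over the raw JSON before it is decoded: `if (!hash_equals(Security::hash($payload, 'sha256', true), $signature)) { throw new SecurityException('Query String has been tampered'); }`, assuming `$payload` holds the base64-decoded JSON string at that point, as the json_decode on the next line suggests. `hash_equals` also replaces the non-constant-time `!==` the old code used. Without the session id the signed parameters are no longer bound to the issuing session, so a signed query string is valid for any user; if that binding mattered, a non-secret per-user value such as the user id should be signed in its place.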
@@ -203,16 +201,16 @@
 });

 // For restful session
-Router::scope('/session', ['plugin' => 'Restful'], function ($routes) {
- $routes->scope('/', ['controller' => 'Session'], function ($routes) {
- $routes->extensions(['json']);
-
- $routes->connect('/:key', ['action' => 'check', '_method' => 'CHECK'], ['pass' => ['key']]);
- $routes->connect('/:key', ['action' => 'read', '_method' => 'GET'], ['pass' => ['key']]);
- $routes->connect('/', ['action' => 'write', '_method' => 'POST']);
- $routes->connect('/:key', ['action' => 'delete', '_method' => 'DELETE'], ['pass' => ['key']]);
- });
-});
+// Router::scope('/session', ['plugin' => 'Restful'], function ($routes) {
+// $routes->scope('/', ['controller' => 'Session'], function ($routes) {
+// $routes->extensions(['json']);
+
+// $routes->connect('/:key', ['action' => 'check', '_method' => 'CHECK'], ['pass' => ['key']]);
+// $routes->connect('/:key', ['action' => 'read', '_method' => 'GET'], ['pass' => ['key']]);
+// $routes->connect('/', ['action' => 'write', '_method' => 'POST']);
+// $routes->connect('/:key', ['action' => 'delete', '_method' => 'DELETE'], ['pass' => ['key']]);
+// });
+// });

 /**
 * Load all plugin routes. See the Plugin documentation on
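Review bot: The session routes are left as a commented-out block rather than deleted; the previous definition is preserved in git history, so the ten `// ` lines should go, leaving at most a one-line comment such as `// Restful session endpoint disabled (#304)`. Commenting out this scope only removes the explicit `/session` mapping: if plugin routes or a `fallbacks()` catch-all still connect the Restful plugin's Session controller, its check/read/write/delete actions remain reachable under the default URL pattern, which cannot be confirmed from this hunk; running `bin/cake routes` after the change would show whether any route still resolves to that controller. If the controller is genuinely retired, removing or guarding the controller itself is the reliable way to close the endpoint.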