V8: Safeguard against invalid culture in UMB_MCULTURE cookie (#4051)

src/Umbraco.Web.UI.Client/src/controllers/navigation.controller.js

@@ -355,7 +355,9 @@ function NavigationController($scope, $rootScope, $location, $log, $q, $routePar
                 if (!currCulture) {
                     // no culture in the request, let's look for one in the cookie that's set when changing language
                     var defaultCulture = $cookies.get("UMB_MCULTURE");
-                    if (!defaultCulture) {
+                    if (!defaultCulture || !_.find($scope.languages, function (l) {
+                            return l.culture.toLowerCase() === defaultCulture.toLowerCase();
+                        })) {
                         // no luck either, look for the default language
                         var defaultLang = _.find($scope.languages, function (l) {
                             return l.isDefault;
@@ -399,9 +401,10 @@ function NavigationController($scope, $rootScope, $location, $log, $q, $routePar
     $scope.selectLanguage = function (language) {
 
         $location.search("mculture", language.culture);
-        // add the selected culture to a cookie so the user will log back into the same culture later on (cookie max age is one year = 31536000 seconds)
-        // NOTE: $cookies doesn't support max-age, so we need to go the good ol' JS way about setting the cookie
-        document.cookie = "UMB_MCULTURE=" +language.culture + ";path=/;max-age=31536000;";
+        // add the selected culture to a cookie so the user will log back into the same culture later on (cookie lifetime = one year)
+        var expireDate = new Date();
+        expireDate.setDate(expireDate.getDate() + 365);
+        $cookies.put("UMB_MCULTURE", language.culture, {path: "/", expires: expireDate});
 
         // close the language selector
         $scope.page.languageSelectorIsOpen = false;