Context Navigation

← Previous Changeset
Next Changeset →

Changeset 1823 in subversion

Timestamp:

Sep 18, 2008 7:54:14 AM (5 years ago)

Author:

robin

Message:

Bind cookie gotten over HTTPS to HTTPS only (#1485336).

File:

: 1 edited

trunk/roundcubemail/program/include/session.inc (modified) (1 diff)

Legend:

: Unmodified
: Added
: Removed

trunk/roundcubemail/program/include/session.inc

-                      r1685
+                      r1823
   setcookie(session_name(), '', time() - 3600);
+  setcookie(session_name(), $random, $lifetime, $cookie['path'], $cookie['domain']);
+  setcookie(session_name(), $random, $lifetime, $cookie['path'], $cookie['domain'],
+            $_SERVER['HTTPS'] && ($_SERVER['HTTPS']!='off'));
   return true;

Note: See TracChangeset for help on using the changeset viewer.

Download in other formats: