Changeset d0b973cf in github


Ignore:
Timestamp:
Sep 18, 2008 7:54:14 AM (5 years ago)
Author:
svncommit <devs@…>
Branches:
master, HEAD, courier-fix, dev-browser-capabilities, pdo, release-0.6, release-0.7, release-0.8
Children:
72d25b1
Parents:
cc0d55c
Message:

Bind cookie gotten over HTTPS to HTTPS only (#1485336).

File:
1 edited

Legend:

Unmodified
Added
Removed

  • program/include/session.inc

    r2e3ce3e rd0b973cf  
    185185 
    186186  setcookie(session_name(), '', time() - 3600); 
    187   setcookie(session_name(), $random, $lifetime, $cookie['path'], $cookie['domain']); 
     187  setcookie(session_name(), $random, $lifetime, $cookie['path'], $cookie['domain'], 
     188            $_SERVER['HTTPS'] && ($_SERVER['HTTPS']!='off')); 
    188189 
    189190  return true; 
Note: See TracChangeset for help on using the changeset viewer.