Context Navigation

← Previous Ticket
Next Ticket →

Opened 5 years ago

Closed 4 years ago

#1485461 closed Bugs (fixed)

secure initial login form session cookie

Reported by:	tensor	Owned by:
Priority:	5	Milestone:	0.2-stable
Component:	Core functionality	Version:	0.2-beta
Severity:	minor	Keywords:
Cc:

Description

=== program/include/iniset.php
==================================================================
--- program/include/iniset.php  (revision 2007)
+++ program/include/iniset.php  (local)
@@ -53,6 +53,7 @@
 ini_set('session.name', 'roundcube_sessid');
 ini_set('session.use_cookies', 1);
 ini_set('session.only_use_cookies', 1);
+ini_set('session.cookie_secure', ($_SERVER['HTTPS'] && ($_SERVER['HTTPS'] != 'off')));
 ini_set('session.gc_maxlifetime', 21600);
 ini_set('session.gc_probability', 1);
 ini_set('session.gc_divisor', 500);

Change History (1)

comment:1 Changed 4 years ago by alec

Resolution set to fixed
Status changed from new to closed

Fixed in [d5fca0c4].

Note: See TracTickets for help on using tickets.

Download in other formats: