diff options
| author | Bharat Mediratta <bharat@menalto.com> | 2010-08-21 14:06:30 -0700 |
|---|---|---|
| committer | Bharat Mediratta <bharat@menalto.com> | 2010-08-21 14:06:30 -0700 |
| commit | 3e0b42573e83e2763f9f4cf6ac4790b0ad8514c3 (patch) | |
| tree | be7f78aa25122a313f4efef8832e314b2fb250cb /modules | |
| parent | 65801cf2e0d1b107925b2dc8fe3fb346cbccd972 (diff) | |
Set the "secure" bit on cookies if we're using HTTPS. Fixes ticket #1217.
Diffstat (limited to 'modules')
| -rw-r--r-- | modules/gallery/config/cookie.php | 5 |
1 files changed, 2 insertions, 3 deletions
diff --git a/modules/gallery/config/cookie.php b/modules/gallery/config/cookie.php index ded3bdaa..7f6ea265 100644 --- a/modules/gallery/config/cookie.php +++ b/modules/gallery/config/cookie.php @@ -37,10 +37,9 @@ $config['path'] = '/'; $config['expire'] = 0; /** - * Enable this option to only allow the cookie to be read when using the a - * secure protocol. + * Set the secure bit on the cookie if we're using HTTPS. */ -$config['secure'] = false; +$config['secure'] = !empty($_SERVER['HTTPS']) && $_SERVER['HTTPS'] === 'on'; /** * Enable this option to disable the cookie from being accessed when using a |