#1485461: secure initial login form sesssion cookie

git-svn-id: https://svn.roundcube.net/trunk@2123 208e9e7b-5314-0410-a742-e7e81cd9613c
author: alec <alec@208e9e7b-5314-0410-a742-e7e81cd9613c> 2008-12-05 08:07:17 +0000
committer: alec <alec@208e9e7b-5314-0410-a742-e7e81cd9613c> 2008-12-05 08:07:17 +0000
commit: 07358bb652ff07a8a925a9ed007ded1c5a95ba5e (patch)
tree: 0efaf45ea12bda249d59291fb7c5075c34c10ebc /roundcubemail/program
parent: e356a4f63a3f96b10fbdb3bc8b22241ff4598b65 (diff)
1 files changed, 1 insertions, 0 deletions
diff --git a/roundcubemail/program/include/iniset.php b/roundcubemail/program/include/iniset.php
index 2be15b1a5..fda13e9cf 100755
--- a/roundcubemail/program/include/iniset.php
+++ b/roundcubemail/program/include/iniset.php
@@ -53,6 +53,7 @@ if (set_include_path($include_path) === false) {
 ini_set('session.name', 'roundcube_sessid');
 ini_set('session.use_cookies', 1);
 ini_set('session.only_use_cookies', 1);
+ini_set('session.cookie_secure', ($_SERVER['HTTPS'] && ($_SERVER['HTTPS'] != 'off')));
 ini_set('error_reporting', E_ALL&~E_NOTICE);
 set_magic_quotes_runtime(0);
author	alec <alec@208e9e7b-5314-0410-a742-e7e81cd9613c>	2008-12-05 08:07:17 +0000
committer	alec <alec@208e9e7b-5314-0410-a742-e7e81cd9613c>	2008-12-05 08:07:17 +0000
commit	07358bb652ff07a8a925a9ed007ded1c5a95ba5e (patch)
tree	0efaf45ea12bda249d59291fb7c5075c34c10ebc /roundcubemail/program
parent	e356a4f63a3f96b10fbdb3bc8b22241ff4598b65 (diff)