diff options
| author | svncommit <devs@roundcube.net> | 2008-09-18 11:54:14 +0000 |
|---|---|---|
| committer | svncommit <devs@roundcube.net> | 2008-09-18 11:54:14 +0000 |
| commit | d0b973cf6aed4a7cb705f706624d25b31d19ed52 (patch) | |
| tree | 42c3a85a68613dd4aceaf2663a954d9a3a3e9167 | |
| parent | cc0d55cbcbc3cfef82ce86b8cb5df5936be97c65 (diff) | |
Bind cookie gotten over HTTPS to HTTPS only (#1485336).
| -rw-r--r-- | program/include/session.inc | 3 |
1 files changed, 2 insertions, 1 deletions
diff --git a/program/include/session.inc b/program/include/session.inc index 603f384bb..ad66f0c40 100644 --- a/program/include/session.inc +++ b/program/include/session.inc @@ -184,7 +184,8 @@ function rcube_sess_regenerate_id() $lifetime = $cookie['lifetime'] ? time() + $cookie['lifetime'] : 0; setcookie(session_name(), '', time() - 3600); - setcookie(session_name(), $random, $lifetime, $cookie['path'], $cookie['domain']); + setcookie(session_name(), $random, $lifetime, $cookie['path'], $cookie['domain'], + $_SERVER['HTTPS'] && ($_SERVER['HTTPS']!='off')); return true; } |