diff options
author | alecpl <alec@alec.pl> | 2008-12-05 08:07:17 +0000 |
---|---|---|
committer | alecpl <alec@alec.pl> | 2008-12-05 08:07:17 +0000 |
commit | d5fca0c4902d0c9a7427e6028ddbbc8bb337859e (patch) | |
tree | d63973b853b3ba4fb2531cf08933e0293c98a3fc /program | |
parent | 35521588351b35dddaf003b52e9eef9737f17c5e (diff) |
#1485461: secure initial login form sesssion cookie
Diffstat (limited to 'program')
-rwxr-xr-x | program/include/iniset.php | 1 |
1 files changed, 1 insertions, 0 deletions
diff --git a/program/include/iniset.php b/program/include/iniset.php index 2be15b1a5..fda13e9cf 100755 --- a/program/include/iniset.php +++ b/program/include/iniset.php @@ -53,6 +53,7 @@ if (set_include_path($include_path) === false) { ini_set('session.name', 'roundcube_sessid'); ini_set('session.use_cookies', 1); ini_set('session.only_use_cookies', 1); +ini_set('session.cookie_secure', ($_SERVER['HTTPS'] && ($_SERVER['HTTPS'] != 'off'))); ini_set('error_reporting', E_ALL&~E_NOTICE); set_magic_quotes_runtime(0); |