Session cookies have the parameter "secure" when the connection is HTTPS

2013-03-25 21:29:30 -04:00 · 2013-03-25 21:29:30 -04:00 · 2925001dcb
parent 6957bc3a2f
commit 2925001dcb
1 changed files with 8 additions and 1 deletions
--- a/miniflux/vendor/PicoFarad/Session.php
+++ b/miniflux/vendor/PicoFarad/Session.php
@ -7,7 +7,14 @@ const SESSION_LIFETIME = 2678400;

 function open($base_path = '/')
 {
-    session_set_cookie_params(SESSION_LIFETIME, $base_path, null, false, true);
+    session_set_cookie_params(
+        SESSION_LIFETIME,
+        $base_path,
+        null,
+        isset($_SERVER['HTTPS']) && $_SERVER['HTTPS'] === 'on',
+        true
+    );
+
    session_start();
 }