summaryrefslogtreecommitdiffstats
path: root/application
diff options
context:
space:
mode:
authorRobin Sowell <robin.sowell@ellislab.com>2011-02-11 21:31:27 +0100
committerRobin Sowell <robin.sowell@ellislab.com>2011-02-11 21:31:27 +0100
commitd6d9f454b6939d1e6f1c9687f4e08d89690f79ff (patch)
tree2fdd83293d5bf27308475b44e7d36c652175b1e0 /application
parenta3e6224d8eeddce7b86c8fe122e84c91a570d882 (diff)
Adding config option to require 'secure' setting for all cookies- requires https.
Diffstat (limited to 'application')
-rw-r--r--application/config/config.php2
1 files changed, 2 insertions, 0 deletions
diff --git a/application/config/config.php b/application/config/config.php
index 2a084ac22..26b31e309 100644
--- a/application/config/config.php
+++ b/application/config/config.php
@@ -255,11 +255,13 @@ $config['sess_time_to_update'] = 300;
| 'cookie_prefix' = Set a prefix if you need to avoid collisions
| 'cookie_domain' = Set to .your-domain.com for site-wide cookies
| 'cookie_path' = Typically will be a forward slash
+| 'cookie_secure' = Cookies will only be set if a secure HTTPS connection exists.
|
*/
$config['cookie_prefix'] = "";
$config['cookie_domain'] = "";
$config['cookie_path'] = "/";
+$config['cookie_secure'] = FALSE;
/*
|--------------------------------------------------------------------------