diff options
| author | Andrey Andreev <narf@bofh.bg> | 2012-02-29 17:56:12 +0100 |
|---|---|---|
| committer | Andrey Andreev <narf@bofh.bg> | 2012-02-29 17:56:12 +0100 |
| commit | a10c8e17bbd1eb75aed1bb74523449f81ee393a2 (patch) | |
| tree | 238fba516bcc1a4f59c65246866235d98141f352 /system/core/Security.php | |
| parent | 8a51f885b1bfdb816088837cd4443511bd77ed7a (diff) | |
Add strtolower to the HTTPS check
Diffstat (limited to 'system/core/Security.php')
| -rwxr-xr-x | system/core/Security.php | 2 |
1 files changed, 1 insertions, 1 deletions
diff --git a/system/core/Security.php b/system/core/Security.php index 688aeba33..6f25fb5bb 100755 --- a/system/core/Security.php +++ b/system/core/Security.php @@ -191,7 +191,7 @@ class CI_Security { $expire = time() + $this->_csrf_expire; $secure_cookie = (bool) config_item('cookie_secure'); - if ($secure_cookie && (empty($_SERVER['HTTPS']) OR $_SERVER['HTTPS'] === 'off')) + if ($secure_cookie && (empty($_SERVER['HTTPS']) OR strtolower($_SERVER['HTTPS']) === 'off')) { return FALSE; } |