summaryrefslogtreecommitdiffstats
path: root/system/core/Security.php
diff options
context:
space:
mode:
authorAndrey Andreev <narf@bofh.bg>2012-02-29 17:56:12 +0100
committerAndrey Andreev <narf@bofh.bg>2012-02-29 17:56:12 +0100
commita10c8e17bbd1eb75aed1bb74523449f81ee393a2 (patch)
tree238fba516bcc1a4f59c65246866235d98141f352 /system/core/Security.php
parent8a51f885b1bfdb816088837cd4443511bd77ed7a (diff)
Add strtolower to the HTTPS check
Diffstat (limited to 'system/core/Security.php')
-rwxr-xr-xsystem/core/Security.php2
1 files changed, 1 insertions, 1 deletions
diff --git a/system/core/Security.php b/system/core/Security.php
index 688aeba33..6f25fb5bb 100755
--- a/system/core/Security.php
+++ b/system/core/Security.php
@@ -191,7 +191,7 @@ class CI_Security {
$expire = time() + $this->_csrf_expire;
$secure_cookie = (bool) config_item('cookie_secure');
- if ($secure_cookie && (empty($_SERVER['HTTPS']) OR $_SERVER['HTTPS'] === 'off'))
+ if ($secure_cookie && (empty($_SERVER['HTTPS']) OR strtolower($_SERVER['HTTPS']) === 'off'))
{
return FALSE;
}