summaryrefslogtreecommitdiffstats
path: root/system/libraries/Session.php
diff options
context:
space:
mode:
authorRobin Sowell <robin.sowell@ellislab.com>2011-02-11 21:31:27 +0100
committerRobin Sowell <robin.sowell@ellislab.com>2011-02-11 21:31:27 +0100
commitd6d9f454b6939d1e6f1c9687f4e08d89690f79ff (patch)
tree2fdd83293d5bf27308475b44e7d36c652175b1e0 /system/libraries/Session.php
parenta3e6224d8eeddce7b86c8fe122e84c91a570d882 (diff)
Adding config option to require 'secure' setting for all cookies- requires https.
Diffstat (limited to 'system/libraries/Session.php')
-rw-r--r--system/libraries/Session.php4
1 files changed, 3 insertions, 1 deletions
diff --git a/system/libraries/Session.php b/system/libraries/Session.php
index 53ff4f5d3..0b94340d5 100644
--- a/system/libraries/Session.php
+++ b/system/libraries/Session.php
@@ -658,6 +658,8 @@ class CI_Session {
}
$expire = ($this->sess_expire_on_close === TRUE) ? 0 : $this->sess_expiration + time();
+
+ $secure_cookie = (config_item('cookie_secure') === TRUE) ? 1 : 0;
// Set the cookie
setcookie(
@@ -666,7 +668,7 @@ class CI_Session {
$expire,
$this->cookie_path,
$this->cookie_domain,
- 0
+ $secure_cookie
);
}