diff options
author | Robin Sowell <robin.sowell@ellislab.com> | 2011-02-11 21:33:44 +0100 |
---|---|---|
committer | Robin Sowell <robin.sowell@ellislab.com> | 2011-02-11 21:33:44 +0100 |
commit | 154da11c5bb4b7dc5c225f4fa018852ee45cc6eb (patch) | |
tree | 2d10f48f1e2123e4ab057118ce7afb104f2b5e6b /system | |
parent | d6d9f454b6939d1e6f1c9687f4e08d89690f79ff (diff) |
Doy- forget the session cookie function! Added secure cookie config check there too.
Diffstat (limited to 'system')
-rw-r--r-- | system/libraries/Security.php | 3 |
1 files changed, 2 insertions, 1 deletions
diff --git a/system/libraries/Security.php b/system/libraries/Security.php index 018001ac8..a73b8e1f7 100644 --- a/system/libraries/Security.php +++ b/system/libraries/Security.php @@ -112,8 +112,9 @@ class CI_Security { function csrf_set_cookie() { $expire = time() + $this->csrf_expire; + $secure_cookie = (config_item('cookie_secure') === TRUE) ? 1 : 0; - setcookie($this->csrf_cookie_name, $this->csrf_hash, $expire, config_item('cookie_path'), config_item('cookie_domain'), 0); + setcookie($this->csrf_cookie_name, $this->csrf_hash, $expire, config_item('cookie_path'), config_item('cookie_domain'), $secure_cookie); log_message('debug', "CRSF cookie Set"); } |