Skip to content

Commit

Permalink
Fixed issue: [security] If SSL is used cookies did not have secure flag
Browse files Browse the repository at this point in the history
  • Loading branch information
@c-schmitz
c-schmitz committed Aug 29, 2016
1 parent 6268ab1 commit ebd86f2
Showing 1 changed file with 1 addition and 0 deletions.
1 change: 1 addition & 0 deletions application/config/internal.php
View file
Expand Up @@ -146,6 +146,7 @@
'session' => array(
'cookieParams' => array(
'httponly' => true,
'secure'=> isset($_SERVER['HTTPS']) && ((!empty($_SERVER['HTTPS']) && $_SERVER['HTTPS'] !== 'off') || $_SERVER['SERVER_PORT'] == 443)
),
),
'messages' => array(
Expand Down

1 comment on commit ebd86f2

@Shnoulle
Copy link
Collaborator

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Oups .... https://bugs.limesurvey.org/view.php?id=11893 :).

PS : seems needed too with CRSF (i make a new commit )

Please sign in to comment.