Fixed session middleware for HTTPS. Closes #241 [reported by mt502]

senchalabs · Mar 18, 2011 · 719e146 · 719e146
1 parent b0c9c8b
commit 719e146
Showing 1 changed file with 1 addition and 1 deletion.
diff --git a/lib/middleware/session.js b/lib/middleware/session.js
@@ -225,7 +225,7 @@ function session(options){
         // proxySecure is a custom attribute to allow for a reverse proxy
         // to handle SSL connections and to communicate to connect over HTTP that
         // the incoming connection is secure.
-        var secured = cookie.secure && (req.connection.secure || req.connection.proxySecure);
+        var secured = cookie.secure && (req.connection.encrypted || req.connection.proxySecure);
         if (secured || !cookie.secure) {
           res.setHeader('Set-Cookie', cookie.serialize(key, req.sessionID));
         }