[BrowserKit] changed Cookie::fromString() to not take the secure sett…

…ing into account if the URL is not present or is not HTTPS
symfony · Jul 22, 2011 · d7c6de8 · d7c6de8
1 parent 4b1f133
commit d7c6de8
Showing 1 changed file with 5 additions and 0 deletions.
diff --git a/Cookie.php b/Cookie.php
@@ -141,6 +141,11 @@ static public function fromString($cookie, $url = null)
             $part = trim($part);
 
             if ('secure' === strtolower($part)) {
+                // Ignore the secure flag if the original URI is not given or is not HTTPS
+                if (!$url || !isset($urlParts['scheme']) || 'https' != $urlParts['scheme']) {
+                    continue;
+                }
+
                 $values['secure'] = true;
 
                 continue;