From 22a0cf6251cff6bc3c872d27ee5a6921665c7394 Mon Sep 17 00:00:00 2001 From: Craig Andrews Date: Tue, 26 Oct 2010 17:55:09 -0400 Subject: Set cookies with "secure" flag on SSL sites. Improves security. --- lib/util.php | 3 ++- 1 file changed, 2 insertions(+), 1 deletion(-) diff --git a/lib/util.php b/lib/util.php index 6044fdd92..d50fa2081 100644 --- a/lib/util.php +++ b/lib/util.php @@ -326,7 +326,8 @@ function common_set_cookie($key, $value, $expiration=0) $value, $expiration, $cookiepath, - $server); + $server, + common_config('site', 'ssl')=='always'); } define('REMEMBERME', 'rememberme'); -- cgit v1.2.3-54-g00ecf