From d5fca0c4902d0c9a7427e6028ddbbc8bb337859e Mon Sep 17 00:00:00 2001
From: alecpl <alec@alec.pl>
Date: Fri, 05 Dec 2008 03:07:17 -0500
Subject: [PATCH] #1485461: secure initial login form sesssion cookie

---
 program/include/iniset.php |    1 +
 1 files changed, 1 insertions(+), 0 deletions(-)

diff --git a/program/include/iniset.php b/program/include/iniset.php
index 2be15b1..fda13e9 100755
--- a/program/include/iniset.php
+++ b/program/include/iniset.php
@@ -53,6 +53,7 @@
 ini_set('session.name', 'roundcube_sessid');
 ini_set('session.use_cookies', 1);
 ini_set('session.only_use_cookies', 1);
+ini_set('session.cookie_secure', ($_SERVER['HTTPS'] && ($_SERVER['HTTPS'] != 'off')));
 ini_set('error_reporting', E_ALL&~E_NOTICE);
 set_magic_quotes_runtime(0);
 

--
Gitblit v1.9.1