From f33c2af2c467c30ce009c8578988c8fcddf1f32c Mon Sep 17 00:00:00 2001 From: Simon McVittie Date: Mon, 29 Nov 2010 19:30:44 +0000 Subject: [PATCH] Always set secure cookies if logging in via HTTPS --- IkiWiki/CGI.pm | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/IkiWiki/CGI.pm b/IkiWiki/CGI.pm index f2a32a958..14193c33a 100644 --- a/IkiWiki/CGI.pm +++ b/IkiWiki/CGI.pm @@ -12,7 +12,7 @@ use Encode; sub printheader ($) { my $session=shift; - if ($config{sslcookie}) { + if ($ENV{HTTPS} || $config{sslcookie}) { print $session->header(-charset => 'utf-8', -cookie => $session->cookie(-httponly => 1, -secure => 1)); }