diff options
| author | Christian Schneider | 2017-05-24 15:14:10 +0200 |
|---|---|---|
| committer | Christian Schneider | 2017-05-24 15:14:10 +0200 |
| commit | 7e258f91f788c479af091dc6d7d309efdaf657b7 (patch) | |
| tree | 7ef1f36bce7daf92eb60826bc7ea59161935c2d4 | |
| parent | f87f1f60381ed063483410d8a5d1fc832c2cb6f4 (diff) | |
| download | itools-7e258f91f788c479af091dc6d7d309efdaf657b7.tar.gz itools-7e258f91f788c479af091dc6d7d309efdaf657b7.tar.bz2 itools-7e258f91f788c479af091dc6d7d309efdaf657b7.zip | |
No SSL cookies for trusted IPs because Chrome does not overwrite SSL cookies with non-SSL ones and thus prevents login to devel after live, reported by David
| -rw-r--r-- | it_session.class | 2 |
1 files changed, 1 insertions, 1 deletions
diff --git a/it_session.class b/it_session.class index 7873869..ec8b64f 100644 --- a/it_session.class +++ b/it_session.class @@ -47,7 +47,7 @@ function it_session() * load balanced Proxies and maybe more weird stuff). * $this->address = $_SERVER['REMOTE_ADDR'] . '/' . $_SERVER['HTTP_X_FORWARDED_FOR']; */ - $this->ssl = !empty($_SERVER['HTTPS']); + $this->ssl = !empty($_SERVER['HTTPS']) && !$GLOBALS['ULTRATRUSTED']; # No SSL cookies for trusted IPs because Chrome does not overwrite SSL cookies with non-SSL ones and thus prevents login to devel after live, reported by David } |