diff options
author | Christian Schneider | 2017-05-24 15:14:10 +0200 |
---|---|---|
committer | Christian Schneider | 2017-05-24 15:14:10 +0200 |
commit | 7e258f91f788c479af091dc6d7d309efdaf657b7 (patch) | |
tree | 7ef1f36bce7daf92eb60826bc7ea59161935c2d4 /it_session.class | |
parent | f87f1f60381ed063483410d8a5d1fc832c2cb6f4 (diff) | |
download | itools-7e258f91f788c479af091dc6d7d309efdaf657b7.tar.gz itools-7e258f91f788c479af091dc6d7d309efdaf657b7.tar.bz2 itools-7e258f91f788c479af091dc6d7d309efdaf657b7.zip |
No SSL cookies for trusted IPs because Chrome does not overwrite SSL cookies with non-SSL ones and thus prevents login to devel after live, reported by David
Diffstat (limited to 'it_session.class')
-rw-r--r-- | it_session.class | 2 |
1 files changed, 1 insertions, 1 deletions
diff --git a/it_session.class b/it_session.class index 7873869..ec8b64f 100644 --- a/it_session.class +++ b/it_session.class @@ -47,7 +47,7 @@ function it_session() * load balanced Proxies and maybe more weird stuff). * $this->address = $_SERVER['REMOTE_ADDR'] . '/' . $_SERVER['HTTP_X_FORWARDED_FOR']; */ - $this->ssl = !empty($_SERVER['HTTPS']); + $this->ssl = !empty($_SERVER['HTTPS']) && !$GLOBALS['ULTRATRUSTED']; # No SSL cookies for trusted IPs because Chrome does not overwrite SSL cookies with non-SSL ones and thus prevents login to devel after live, reported by David } |