Cookie lacking "secure" flag for HTTPS sites (Bug #1384009)

Change-Id: I1a175c9eba4acea2902bbbd10050322eaff69cf5 Signed-off-by: Robert Lyon <robertl@catalyst.net.nz>

Cookie lacking "secure" flag for HTTPS sites (Bug #1384009)
Change-Id: I1a175c9eba4acea2902bbbd10050322eaff69cf5 Signed-off-by: Robert Lyon <robertl@catalyst.net.nz>
dfbb1197 · Robert Lyon · Gerrit Code Review · 05a208f9 · dfbb1197
Commit dfbb1197 authored Nov 03, 2014 by Robert Lyon Committed by Gerrit Code Review Nov 06, 2014
--- a/htdocs/lib/web.php
+++ b/htdocs/lib/web.php
@@ -1644,7 +1644,7 @@ function set_cookie($name, $value='', $expires=0, $access=false) {
    // If Cookie Consent is enabled with cc_necessary cookie set to 'yes'
    // or Cookie Consent is not enabled
    if (empty($_COOKIE['cc_necessary']) || (isset($_COOKIE['cc_necessary']) && $_COOKIE['cc_necessary'] == 'yes')) {
-        setcookie($name, $value, $expires, $url['path'], $domain, false, true);
+        setcookie($name, $value, $expires, $url['path'], $domain, is_https(), true);
    }

    if ($access) {  // View access cookies may be needed on this request