Commit ed48acb7 authored by Hugh Davenport's avatar Hugh Davenport Committed by Gerrit Code Review
Browse files

Merge "Use secure cookies when the site is served over HTTPS"

parents cd47920e 203e12e0
......@@ -40,6 +40,9 @@ ini_set('session.cookie_path', get_mahara_install_subdirectory());
ini_set('session.cookie_httponly', 1);
ini_set('session.hash_bits_per_character', 4);
ini_set('session.hash_function', 0);
if (is_https()) {
ini_set('session.cookie_secure', true);
* The session class handles session data and messages.
Supports Markdown
0% or .
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment