From 3c3d861f416d4143aa0945470adb6bf316a9bfc3 Mon Sep 17 00:00:00 2001
From: Franklin Tse <FranklinWhale@users.noreply.github.com>
Date: Sun, 8 Apr 2018 21:57:05 +0800
Subject: [PATCH] Respect 'session.cookie_secure' if it is On

---
 adminer/include/bootstrap.inc.php | 2 +-
 changes.txt                       | 1 +
 2 files changed, 2 insertions(+), 1 deletion(-)

diff --git a/adminer/include/bootstrap.inc.php b/adminer/include/bootstrap.inc.php
index b07e68cf..1db4e2ed 100644
--- a/adminer/include/bootstrap.inc.php
+++ b/adminer/include/bootstrap.inc.php
@@ -44,7 +44,7 @@ if (!strpos($_SERVER["REQUEST_URI"], '?') && $_SERVER["QUERY_STRING"] != "") { /
 if ($_SERVER["HTTP_X_FORWARDED_PREFIX"]) {
 	$_SERVER["REQUEST_URI"] = $_SERVER["HTTP_X_FORWARDED_PREFIX"] . $_SERVER["REQUEST_URI"];
 }
-$HTTPS = $_SERVER["HTTPS"] && strcasecmp($_SERVER["HTTPS"], "off");
+$HTTPS = ($_SERVER["HTTPS"] && strcasecmp($_SERVER["HTTPS"], "off")) || ini_bool("session.cookie_secure"); // session.cookie_secure could be set on HTTP if we are behind a reverse proxy
 
 @ini_set("session.use_trans_sid", false); // protect links in export, @ - may be disabled
 if (!defined("SID")) {
diff --git a/changes.txt b/changes.txt
index 96acd7bc..77f862d8 100644
--- a/changes.txt
+++ b/changes.txt
@@ -5,6 +5,7 @@ Stop session before connecting
 Simplify running slow queries
 Decrease timeout for running slow queries from 5 seconds to 2 seconds
 Fix displaying info about non-alphabetical objects (bug #599)
+Use secure cookies on HTTP if session.cookie_secure is set
 PDO: Support binary fields download
 MySQL: Use CONVERT() only when searching for non-ASCII (bug #603)
 PostgreSQL: Add SQL operator to search