Respect 'session.cookie_secure' if it is On
This commit is contained in:
parent
7b60b03e6a
commit
3c3d861f41
|
@ -44,7 +44,7 @@ if (!strpos($_SERVER["REQUEST_URI"], '?') && $_SERVER["QUERY_STRING"] != "") { /
|
||||||
if ($_SERVER["HTTP_X_FORWARDED_PREFIX"]) {
|
if ($_SERVER["HTTP_X_FORWARDED_PREFIX"]) {
|
||||||
$_SERVER["REQUEST_URI"] = $_SERVER["HTTP_X_FORWARDED_PREFIX"] . $_SERVER["REQUEST_URI"];
|
$_SERVER["REQUEST_URI"] = $_SERVER["HTTP_X_FORWARDED_PREFIX"] . $_SERVER["REQUEST_URI"];
|
||||||
}
|
}
|
||||||
$HTTPS = $_SERVER["HTTPS"] && strcasecmp($_SERVER["HTTPS"], "off");
|
$HTTPS = ($_SERVER["HTTPS"] && strcasecmp($_SERVER["HTTPS"], "off")) || ini_bool("session.cookie_secure"); // session.cookie_secure could be set on HTTP if we are behind a reverse proxy
|
||||||
|
|
||||||
@ini_set("session.use_trans_sid", false); // protect links in export, @ - may be disabled
|
@ini_set("session.use_trans_sid", false); // protect links in export, @ - may be disabled
|
||||||
if (!defined("SID")) {
|
if (!defined("SID")) {
|
||||||
|
|
|
@ -5,6 +5,7 @@ Stop session before connecting
|
||||||
Simplify running slow queries
|
Simplify running slow queries
|
||||||
Decrease timeout for running slow queries from 5 seconds to 2 seconds
|
Decrease timeout for running slow queries from 5 seconds to 2 seconds
|
||||||
Fix displaying info about non-alphabetical objects (bug #599)
|
Fix displaying info about non-alphabetical objects (bug #599)
|
||||||
|
Use secure cookies on HTTP if session.cookie_secure is set
|
||||||
PDO: Support binary fields download
|
PDO: Support binary fields download
|
||||||
MySQL: Use CONVERT() only when searching for non-ASCII (bug #603)
|
MySQL: Use CONVERT() only when searching for non-ASCII (bug #603)
|
||||||
PostgreSQL: Add SQL operator to search
|
PostgreSQL: Add SQL operator to search
|
||||||
|
|
Loading…
Reference in a new issue