diff options
author | Natan Frei <[email protected]> | 2017-07-17 00:44:48 +0300 |
---|---|---|
committer | Natan Frei <[email protected]> | 2017-07-17 00:44:48 +0300 |
commit | e234ac8dcb2fa73bc573fea1e809ef45b3392ca7 (patch) | |
tree | fc536b1228b5c671fb0eb420fb2e2b4431b29b1a /include/sessions.php | |
parent | 9fa3ae09a6fe791805ee63e87fcac970e3f037ed (diff) |
$_SERVER['HTTPS'] can be exists and 'off' for non-https connectios
Diffstat (limited to 'include/sessions.php')
-rw-r--r-- | include/sessions.php | 2 |
1 files changed, 1 insertions, 1 deletions
diff --git a/include/sessions.php b/include/sessions.php index 0690ab7ed..3d6e6e2c6 100644 --- a/include/sessions.php +++ b/include/sessions.php @@ -12,7 +12,7 @@ $session_expire = min(2147483647 - time() - 1, max(SESSION_COOKIE_LIFETIME, 86400)); $session_name = (!defined('TTRSS_SESSION_NAME')) ? "ttrss_sid" : TTRSS_SESSION_NAME; - if (@$_SERVER['HTTPS'] == "on") { + if ((!empty($_SERVER['HTTPS']) && ($_SERVER['HTTPS'] != 'off')) || @$_SERVER['HTTP_X_FORWARDED_PROTO'] == 'https') { $session_name .= "_ssl"; ini_set("session.cookie_secure", true); } |