From 3e00ce2efb954e2eb00f87093405ce2612583671 Mon Sep 17 00:00:00 2001
From: Taylor Otwell
Date: Wed, 4 Apr 2012 09:50:01 -0500
Subject: [PATCH] fix bug regarding SSL cookies.
---
 artisan | 2 +-
 changes.md | 12 ++++++++++++
 laravel/cookie.php | 8 ++++++++
 paths.php | 2 +-
 public/index.php | 2 +-
 5 files changed, 23 insertions(+), 3 deletions(-)
diff --git a/artisan b/artisan
index 66a0cc09..8f7bfe4e 100644
--- a/artisan
+++ b/artisan
@@ -3,7 +3,7 @@
 * Laravel - A PHP Framework For Web Artisans
 *
 * @package Laravel
- * @version 3.1.4
+ * @version 3.1.5
 * @author Taylor Otwell
 * @link http://laravel.com
 */
diff --git a/changes.md b/changes.md
index 89d246ef..80d9b775 100644
--- a/changes.md
+++ b/changes.md
@@ -2,6 +2,8 @@ ## Laravel Change Log
 ## Contents
+- [Laravel 3.1.5](#3.1.5)
+- [Upgrading From 3.1.4](#upgrade-3.1.5)
 - [Laravel 3.1.4](#3.1.4)
 - [Upgrading From 3.1.3](#upgrade-3.1.4)
 - [Laravel 3.1.3](#3.1.3)
@@ -13,6 +15,16 @@ ## Contents
 - [Laravel 3.1](#3.1)
 - [Upgrading From 3.0](#upgrade-3.1)
+
+## Laravel 3.1.5
+
+- Fixes bug that could allow secure cookies to be sent over HTTP.
+
+
+## Upgrading From 3.1.4
+
+- Replace the **laravel** folder.
+
 ## Laravel 3.1.4
diff --git a/laravel/cookie.php b/laravel/cookie.php
index fc48212e..0f92818f 100644
--- a/laravel/cookie.php
+++ b/laravel/cookie.php
@@ -63,6 +63,14 @@ protected static function set($cookie)
 }
 else
 {
+ // We don't want to send secure cookies over HTTP unless the developer has
+ // turned off the "SSL" application configuration option, which is used
+ // while developing the application but should be true in production.
+ if ($secure and ! Request::secure() and Config::get('application.ssl'))
+ {
+ return;
+ }
+
 setcookie($name, $value, $time, $path, $domain, $secure);
 }
 }
diff --git a/paths.php b/paths.php
index 152a4f79..f0136e1a 100644
--- a/paths.php
+++ b/paths.php
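Review bot: The new guard in `set()` in `laravel/cookie.php` drops the cookie with a bare `return;` and leaves no trace, so a secure cookie refused on a plain-HTTP request simply never reaches the browser. That fails closed, which is the right direction, but if `Request::secure()` only reflects the connection to the PHP host (its implementation is not visible here), a deployment behind a TLS-terminating proxy would lose every secure cookie with nothing to diagnose it by. I would extend the comment with something like `// NOTE: the cookie is dropped silently; behind a TLS-terminating proxy Request::secure() must still report true.` and consider a log entry before the `return;`. The check also depends on `application.ssl` being enabled, so with that option off the secure cookie's value is still written into a plain-HTTP response; the comment could say that explicitly. The body of `set()` starts above this hunk.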
@@ -3,7 +3,7 @@
 * Laravel - A PHP Framework For Web Artisans
 *
 * @package Laravel
- * @version 3.1.4
+ * @version 3.1.5
 * @author Taylor Otwell
 * @link http://laravel.com
 */
diff --git a/public/index.php b/public/index.php
index 561d13a3..56896d97 100644
--- a/public/index.php
+++ b/public/index.php
@@ -3,7 +3,7 @@
 * Laravel - A PHP Framework For Web Artisans
 *
 * @package Laravel
- * @version 3.1.4
+ * @version 3.1.5
 * @author Taylor Otwell
 * @link http://laravel.com
 */