From ca97abe77fb74fce8c8eff7df21128d15707d89f Mon Sep 17 00:00:00 2001 From: Taylor Otwell Date: Fri, 22 Jul 2011 08:00:57 -0700 Subject: [PATCH] Added http_only configuration item to session cookie. --- system/session.php | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/system/session.php b/system/session.php index cde095ac..464aea4a 100644 --- a/system/session.php +++ b/system/session.php @@ -198,7 +198,7 @@ public static function close() { $minutes = (Config::get('session.expire_on_close')) ? 0 : Config::get('session.lifetime'); - Cookie::put('laravel_session', static::$session['id'], $minutes, Config::get('session.path'), Config::get('session.domain'), Config::get('session.https')); + Cookie::put('laravel_session', static::$session['id'], $minutes, Config::get('session.path'), Config::get('session.domain'), Config::get('session.https'), Config::get('session.http_only')); } // 2% chance of performing session garbage collection...