Annajwaszahro
/
MIF_E31222691
1
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity

Merge pull request #1850 from rk/patch-1 

Check application.ssl when setting a secure cookie
This commit is contained in:
Taylor Otwell 2013-04-06 18:27:53 -07:00
parent 9c9b6eed10 785e168f5e
commit 936160f907
1 changed files with 4 additions and 0 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

4
laravel/cookie.php
View File

@ -82,6 +82,10 @@ public static function put($name, $value, $expiration = 0, $path = '/', $domain
$value = static::hash($value).'+'.$value; $value = static::hash($value).'+'.$value;
// If the developer has explicitly disabled SLL, then we shouldn't force
// this cookie over SSL.
$secure = $secure && Config::get('application.ssl');
// If the secure option is set to true, yet the request is not over HTTPS // If the secure option is set to true, yet the request is not over HTTPS
// we'll throw an exception to let the developer know that they are // we'll throw an exception to let the developer know that they are
// attempting to send a secure cookie over the insecure HTTP. // attempting to send a secure cookie over the insecure HTTP.