From: Simon McVittie <smcv@debian.org>
Date: Mon, 29 Nov 2010 19:30:44 +0000 (+0000)
Subject: Always set secure cookies if logging in via HTTPS
X-Git-Url: https://sipb.mit.edu/gitweb.cgi/ikiwiki.git/commitdiff_plain/f33c2af2c467c30ce009c8578988c8fcddf1f32c?ds=inline

Always set secure cookies if logging in via HTTPS
---

diff --git a/IkiWiki/CGI.pm b/IkiWiki/CGI.pm
index f2a32a958..14193c33a 100644
--- a/IkiWiki/CGI.pm
+++ b/IkiWiki/CGI.pm
@@ -12,7 +12,7 @@ use Encode;
 sub printheader ($) {
 	my $session=shift;
 	
-	if ($config{sslcookie}) {
+	if ($ENV{HTTPS} || $config{sslcookie}) {
 		print $session->header(-charset => 'utf-8',
 			-cookie => $session->cookie(-httponly => 1, -secure => 1));
 	}