diff options
Diffstat (limited to 'etc')
-rw-r--r-- | etc/inc/auth.inc | 12 |
1 files changed, 12 insertions, 0 deletions
diff --git a/etc/inc/auth.inc b/etc/inc/auth.inc index a002758..26f0497 100644 --- a/etc/inc/auth.inc +++ b/etc/inc/auth.inc @@ -1260,6 +1260,18 @@ function authenticate_user($username, $password, $authcfg = NULL) { function session_auth() { global $HTTP_SERVER_VARS, $config, $_SESSION, $page; + // Handle HTTPS httponly and secure flags + if($config['system']['webgui']['protocol'] == "https") { + $currentCookieParams = session_get_cookie_params(); + session_set_cookie_params( + $currentCookieParams["lifetime"], + $currentCookieParams["path"], + NULL, + true, + true + ); + } + if (!session_id()) session_start(); |