Commit 232bf01a authored by Taylor Otwell's avatar Taylor Otwell

fix secure cookie issue.

parent ffb40346
...@@ -68,6 +68,14 @@ class Cookie { ...@@ -68,6 +68,14 @@ class Cookie {
$expiration = time() + ($expiration * 60); $expiration = time() + ($expiration * 60);
} }
// If the secure option is set to true, yet the request is not over HTTPS
// we'll throw an exception to let the developer know that they are
// attempting to send a secure cookie over the unsecure HTTP.
if ($secure and ! Request::secure())
{
throw new \Exception("Attempting to set secure cookie over HTTP.");
}
static::$jar[$name] = compact('name', 'value', 'expiration', 'path', 'domain', 'secure'); static::$jar[$name] = compact('name', 'value', 'expiration', 'path', 'domain', 'secure');
} }
......
Markdown is supported
0% or
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment