- fix HTTPS checking (#1486273)

15 years ago · 3ea30ef7eb
parent 1cf86b731c
commit 3ea30ef7eb
3 changed files with 4 additions and 4 deletions
--- a/program/include/iniset.php
+++ b/program/include/iniset.php
@ -51,8 +51,8 @@ if (set_include_path($include_path) === false) {
 }

 ini_set('error_reporting', E_ALL&~E_NOTICE);
-if  (isset($_SERVER['HTTPS'])) {
-   ini_set('session.cookie_secure', ($_SERVER['HTTPS'] && ($_SERVER['HTTPS'] != 'off'))?1:0);
+if (!empty($_SERVER['HTTPS']) && strtolower($_SERVER['HTTPS']) != 'off') {
+   ini_set('session.cookie_secure', 1);
 } else {
   ini_set('session.cookie_secure', 0);
 }
--- a/program/include/main.inc
+++ b/program/include/main.inc
@ -1410,7 +1410,7 @@ function rcube_https_check($port=null, $use_https=true)
 {
  global $RCMAIL;
  
-  if (isset($_SERVER['HTTPS']) && $_SERVER['HTTPS'] != 'off')
+  if (!empty($_SERVER['HTTPS']) && strtolower($_SERVER['HTTPS']) != 'off')
    return true;
  if ($port && $_SERVER['SERVER_PORT'] == $port)
    return true;
--- a/program/include/rcmail.php
+++ b/program/include/rcmail.php
@ -1063,7 +1063,7 @@ class rcmail
  {
    $cookie = session_get_cookie_params();
    setcookie($name, $value, $exp, $cookie['path'], $cookie['domain'],
-      ($_SERVER['HTTPS'] && ($_SERVER['HTTPS'] != 'off')));
+      rcube_https_check());
  }
 }