Added secure option.

app/config/session.php

@@ -124,4 +124,17 @@ return array(
 
 	'domain' => null,
 
+	/*
+	|--------------------------------------------------------------------------
+	| HTTPS Only Cookies
+	|--------------------------------------------------------------------------
+	|
+	| By setting this option to true, session cookies will only be sent back
+	| to the server if the browser has a HTTPS connection. This will keep
+	| the cookie from being sent to you if it can not be done securely.
+	|
+	*/
+
+	'secure' => false,
+
 );