785e168f5e
Most SLL-related code in Laravel checks to see if `application.ssl`
is true before doing an action requiring it. `Cookie::put()` is the
only exception that I've found, to date, that doesn't test for SSL.
This checks to see that the SSL is enabled when attempting to set a
secure cookie.
To verify, set `application.ssl` to false (without this patch) then
run:
Cookie::put('foo', 'bar', 0, '/', null, true);
You will get an exception because of line 90 in `cookie.php`:
if ($secure and ! Request::secure())
{
throw new \Exception("Attempting to set secure cookie over HTTP.");
}
With this patch you will not get this error unless both `application.ssl`
is true, and the cookie `$secure` flag is set.
4.1 KiB
4.1 KiB