Enable secure session and cookies by default if installed or upgraded in an HTTPS site

2026-04-02 01:52:10 +09:00 · 2026-02-26 01:25:36 +09:00 · 2026-02-26 01:25:36 +09:00 · d0d1505367
commit d0d1505367
parent 7ce40653d7
2 changed files with 9 additions and 0 deletions
--- a/common/framework/parsers/ConfigParser.php
+++ b/common/framework/parsers/ConfigParser.php
@ -184,6 +184,8 @@ class ConfigParser
 		if (isset($db_info->use_ssl) && in_array($db_info->use_ssl, ['always', 'optional']))
 		{
 			$config['url']['ssl'] = 'always';
+			$config['session']['use_ssl'] = true;
+			$config['session']['use_ssl_cookies'] = true;
 		}
 		else
 		{