Secure Cookies.

[kivitendo-erp.git] / SL / Form.pm

diff --git a/SL/Form.pm b/SL/Form.pm
index 74de73833eacd0b4d6cdc38a415998dc4d4b9668..4febdc72a61e9b9402c41ddb66f9a80cd7553b53 100644 (file)
--- a/SL/Form.pm
+++ b/SL/Form.pm
@@ -607,9 +607,10 @@ sub create_http_response {
     my $session_cookie_value   = $main::auth->get_session_id();
     $session_cookie_value    ||= 'NO_SESSION';
 
-    $session_cookie = $cgi->cookie('-name'  => $main::auth->get_session_cookie_name(),
-                                   '-value' => $session_cookie_value,
-                                   '-path'  => $base_path);
+    $session_cookie = $cgi->cookie('-name'   => $main::auth->get_session_cookie_name(),
+                                   '-value'  => $session_cookie_value,
+                                   '-path'   => $base_path,
+                                   '-secure' => $ENV{HTTPS});
   }
 
   my %cgi_params = ('-type' => $params{content_type});