commit a10c8e17bbd1eb75aed1bb74523449f81ee393a2
author Andrey Andreev <narf@bofh.bg> Wed Feb 29 18:56:12 2012 +0200
committer Andrey Andreev <narf@bofh.bg> Wed Feb 29 18:56:12 2012 +0200
tree 238fba516bcc1a4f59c65246866235d98141f352
parent 8a51f885b1bfdb816088837cd4443511bd77ed7a

Add strtolower to the HTTPS check

system/core/Security.php

diff --git a/system/core/Security.php b/system/core/Security.php
index 688aeba..6f25fb5 100755
--- a/system/core/Security.php
+++ b/system/core/Security.php
@@ -191,7 +191,7 @@
 		$expire = time() + $this->_csrf_expire;
 		$secure_cookie = (bool) config_item('cookie_secure');
 
-		if ($secure_cookie && (empty($_SERVER['HTTPS']) OR $_SERVER['HTTPS'] === 'off'))
+		if ($secure_cookie && (empty($_SERVER['HTTPS']) OR strtolower($_SERVER['HTTPS']) === 'off'))
 		{
 			return FALSE;
 		}