# HG changeset patch # User Sylvain Thénault # Date 1287642218 -7200 # Node ID 7e9a1a5919e80b40353569afee9c5f2a569c50d4 # Parent 806b53dc54742b12e866b9168b09adc20b4d9ace #1346310: Add `Secure` attribute to cookie when navigating on https diff -r 806b53dc5474 -r 7e9a1a5919e8 web/application.py --- a/web/application.py Wed Oct 20 17:37:00 2010 +0200 +++ b/web/application.py Thu Oct 21 08:23:38 2010 +0200 @@ -216,6 +216,8 @@ session = self.session_manager.open_session(req) cookie = req.get_cookie() cookie[self.SESSION_VAR] = session.sessionid + if req.https: + cookie[self.SESSION_VAR]['secure'] = True req.set_cookie(cookie, self.SESSION_VAR, maxage=None) if not session.anonymous_session: self._postlogin(req)