From 4f43280bd17a6965dcc645546915fafedd080bd2 Mon Sep 17 00:00:00 2001
From: "Fedor A. Fetisov" <faf@ossg.ru>
Date: Fri, 13 Sep 2013 16:21:10 +0400
Subject: [PATCH] Set PHPSESSID cookie as secure if HTTPS is used

---
 src/messenger/webim/libs/common.php | 3 +++
 1 file changed, 3 insertions(+)

diff --git a/src/messenger/webim/libs/common.php b/src/messenger/webim/libs/common.php
index d9692afe..f6c5ccff 100644
--- a/src/messenger/webim/libs/common.php
+++ b/src/messenger/webim/libs/common.php
@@ -17,6 +17,9 @@
 
 @ini_set('open_basedir', dirname(__FILE__) . '/../');
 @ini_set('session.cookie_httponly', TRUE);
+if (is_secure_request()) {
+    @ini_set('session.cookie_secure', TRUE);
+}
 
 require_once(dirname(__FILE__) . '/converter.php');
 require_once(dirname(__FILE__) . '/config.php');