From 0b33b995e855511924fc415b7ed9b031f40497a3 Mon Sep 17 00:00:00 2001
From: =?UTF-8?q?Jaime=20Pe=CC=81rez?= <jaime.perez@uninett.no>
Date: Mon, 4 Jul 2016 14:13:34 +0200
Subject: [PATCH] Make exception message when setting secure PHP session
 cookies through an insecure channel coincident with the message in
 SimpleSAML\Utils\HTTP::setCookie().

---
 lib/SimpleSAML/SessionHandlerPHP.php | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/lib/SimpleSAML/SessionHandlerPHP.php b/lib/SimpleSAML/SessionHandlerPHP.php
index abdb0610d..8947296c3 100644
--- a/lib/SimpleSAML/SessionHandlerPHP.php
+++ b/lib/SimpleSAML/SessionHandlerPHP.php
@@ -323,7 +323,7 @@ class SimpleSAML_SessionHandlerPHP extends SimpleSAML_SessionHandler
 
         if ($cookieParams['secure'] && !\SimpleSAML\Utils\HTTP::isHTTPS()) {
             throw new \SimpleSAML\Error\CannotSetCookie(
-                'Secure cookies not allowed on http.',
+                'Setting secure cookie on plain HTTP is not allowed.',
                 \SimpleSAML\Error\CannotSetCookie::SECURE_COOKIE
             );
         }
-- 
GitLab