From 0b33b995e855511924fc415b7ed9b031f40497a3 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Jaime=20Pe=CC=81rez?= <jaime.perez@uninett.no> Date: Mon, 4 Jul 2016 14:13:34 +0200 Subject: [PATCH] Make exception message when setting secure PHP session cookies through an insecure channel coincident with the message in SimpleSAML\Utils\HTTP::setCookie(). --- lib/SimpleSAML/SessionHandlerPHP.php | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/lib/SimpleSAML/SessionHandlerPHP.php b/lib/SimpleSAML/SessionHandlerPHP.php index abdb0610d..8947296c3 100644 --- a/lib/SimpleSAML/SessionHandlerPHP.php +++ b/lib/SimpleSAML/SessionHandlerPHP.php @@ -323,7 +323,7 @@ class SimpleSAML_SessionHandlerPHP extends SimpleSAML_SessionHandler if ($cookieParams['secure'] && !\SimpleSAML\Utils\HTTP::isHTTPS()) { throw new \SimpleSAML\Error\CannotSetCookie( - 'Secure cookies not allowed on http.', + 'Setting secure cookie on plain HTTP is not allowed.', \SimpleSAML\Error\CannotSetCookie::SECURE_COOKIE ); } -- GitLab