summaryrefslogtreecommitdiffstats
path: root/src/DotNetOpenAuth.AspNet/OpenAuthAuthenticationTicketHelper.cs
diff options
context:
space:
mode:
Diffstat (limited to 'src/DotNetOpenAuth.AspNet/OpenAuthAuthenticationTicketHelper.cs')
-rw-r--r--src/DotNetOpenAuth.AspNet/OpenAuthAuthenticationTicketHelper.cs12
1 files changed, 9 insertions, 3 deletions
diff --git a/src/DotNetOpenAuth.AspNet/OpenAuthAuthenticationTicketHelper.cs b/src/DotNetOpenAuth.AspNet/OpenAuthAuthenticationTicketHelper.cs
index 3fc3a21..f51de1c 100644
--- a/src/DotNetOpenAuth.AspNet/OpenAuthAuthenticationTicketHelper.cs
+++ b/src/DotNetOpenAuth.AspNet/OpenAuthAuthenticationTicketHelper.cs
@@ -106,10 +106,16 @@ namespace DotNetOpenAuth.AspNet {
var cookie = new HttpCookie(FormsAuthentication.FormsCookieName, encryptedTicket) {
HttpOnly = true,
- Path = FormsAuthentication.FormsCookiePath,
- Secure = FormsAuthentication.RequireSSL
+ Path = FormsAuthentication.FormsCookiePath
};
+ // only set Secure if FormsAuthentication requires SSL.
+ // otherwise, leave it to default value
+ if (FormsAuthentication.RequireSSL)
+ {
+ cookie.Secure = true;
+ }
+
if (FormsAuthentication.CookieDomain != null) {
cookie.Domain = FormsAuthentication.CookieDomain;
}
@@ -123,4 +129,4 @@ namespace DotNetOpenAuth.AspNet {
#endregion
}
-}
+} \ No newline at end of file
generated by cgit v1.1 at 2025-05-27 19:45:07 +0000