-rw-r--r--lib/SimpleSAML/SessionHandlerPHP.php10
-rw-r--r--lib/SimpleSAML/Utils/HTTP.php16
2 files changed, 20 insertions, 6 deletions
diff --git a/lib/SimpleSAML/SessionHandlerPHP.php b/lib/SimpleSAML/SessionHandlerPHP.php
index 198ea6a..abdb061 100644
--- a/lib/SimpleSAML/SessionHandlerPHP.php
+++ b/lib/SimpleSAML/SessionHandlerPHP.php
@@ -322,11 +322,17 @@ class SimpleSAML_SessionHandlerPHP extends SimpleSAML_SessionHandler
}
if ($cookieParams['secure'] && !\SimpleSAML\Utils\HTTP::isHTTPS()) {
- throw new SimpleSAML\Error\CannotSetCookie('Secure cookies not allowed on http.');
+ throw new \SimpleSAML\Error\CannotSetCookie(
+ 'Secure cookies not allowed on http.',
+ \SimpleSAML\Error\CannotSetCookie::SECURE_COOKIE
+ );
}
if (headers_sent()) {
- throw new SimpleSAML\Error\CannotSetCookie('Headers already sent.');
+ throw new \SimpleSAML\Error\CannotSetCookie(
+ 'Headers already sent.',
+ \SimpleSAML\Error\CannotSetCookie::HEADERS_SENT
+ );
}
session_set_cookie_params(
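Review bot: The SECURE_COOKIE condition is reported here as 'Secure cookies not allowed on http.', while lib/SimpleSAML/Utils/HTTP.php in this same commit uses 'Setting secure cookie on plain HTTP is not allowed.' for the same code, so log searches or alerts keyed on the text will match only one of the two sites. Consider using one string for both, and adding a comment above the first check such as `// Fail closed: a Secure session cookie must never be emitted over plain HTTP; callers should branch on the exception code, not the message.` The second constructor argument is presumably the exception code, but the CannotSetCookie class is not part of this diff, so that is worth confirming. The enclosing method starts and ends outside the hunk.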
diff --git a/lib/SimpleSAML/Utils/HTTP.php b/lib/SimpleSAML/Utils/HTTP.php
index c1121de..a586ef8 100644
--- a/lib/SimpleSAML/Utils/HTTP.php
+++ b/lib/SimpleSAML/Utils/HTTP.php
@@ -1041,7 +1041,13 @@ class HTTP
// Do not set secure cookie if not on HTTPS
if ($params['secure'] && !self::isHTTPS()) {
- Logger::warning('Setting secure cookie on plain HTTP is not allowed.');
+ if ($throw) {
+ throw new \SimpleSAML\Error\CannotSetCookie(
+ 'Setting secure cookie on plain HTTP is not allowed.',
+ \SimpleSAML\Error\CannotSetCookie::SECURE_COOKIE
+ );
+ }
+ Logger::warning('Error setting cookie: setting secure cookie on plain HTTP is not allowed.');
return;
}
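Review bot: With `$throw` false this branch still returns without setting the cookie and without signalling the caller, and the warning does not say which cookie was dropped. If the cookie name is in scope at this point (the signature is outside the hunk), include it in the log line, never the value, e.g. `Logger::warning('Error setting cookie ' . $name . ': setting secure cookie on plain HTTP is not allowed.');`; the same applies to the 'headers already sent' warning in the next hunk. The method's docblock, also outside the hunk, should gain an `@throws \SimpleSAML\Error\CannotSetCookie` entry covering the secure-cookie-on-HTTP case now that this path can throw.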
@@ -1079,10 +1085,12 @@ class HTTP
if (!$success) {
if ($throw) {
- throw new \SimpleSAML\Error\CannotSetCookie('Headers already sent.');
- } else {
- Logger::warning('Error setting cookie: headers already sent.');
+ throw new \SimpleSAML\Error\CannotSetCookie(
+ 'Headers already sent.',
+ \SimpleSAML\Error\CannotSetCookie::HEADERS_SENT
+ );
}
+ Logger::warning('Error setting cookie: headers already sent.');
}
}