Remove last occurence of `forcessl`

This shoudl have been adjusted as well, now it's consistent with `setMagicInCookie`. While it does not have a security impact directly some automated scanners reported this all the time.
author: Lukas Reschke <lukas@owncloud.com> 2015-08-26 14:29:36 +0200
committer: Lukas Reschke <lukas@owncloud.com> 2015-08-26 14:29:36 +0200
commit: 3d2ee95f1e06972188967b2bc19720001a4f1395 (patch)
tree: f248769b52e24011114e1584a2e12779e4b0a89b
parent: 2d0d79296b1b90e96a6042e8a29a49e1802b917d (diff)
download: nextcloud-server-3d2ee95f1e06972188967b2bc19720001a4f1395.tar.gz
nextcloud-server-3d2ee95f1e06972188967b2bc19720001a4f1395.zip
1 files changed, 2 insertions, 2 deletions
diff --git a/lib/private/user/session.php b/lib/private/user/session.php
index 75a884fb452..baceeb43956 100644
--- a/lib/private/user/session.php
+++ b/lib/private/user/session.php
@@ -297,8 +297,8 @@ class Session implements IUserSession, Emitter {
 	 * Remove cookie for "remember username"
 	 */
 	public function unsetMagicInCookie() {
-		//TODO: DI for cookies and OC_Config
-		$secureCookie = \OC_Config::getValue('forcessl', false);
+		//TODO: DI for cookies and IRequest
+		$secureCookie = \OC::$server->getRequest()->getServerProtocol() === 'https';
 
 		unset($_COOKIE["oc_username"]); //TODO: DI
 		unset($_COOKIE["oc_token"]);
author	Lukas Reschke <lukas@owncloud.com>	2015-08-26 14:29:36 +0200
committer	Lukas Reschke <lukas@owncloud.com>	2015-08-26 14:29:36 +0200
commit	3d2ee95f1e06972188967b2bc19720001a4f1395 (patch)
tree	f248769b52e24011114e1584a2e12779e4b0a89b
parent	2d0d79296b1b90e96a6042e8a29a49e1802b917d (diff)
download	nextcloud-server-3d2ee95f1e06972188967b2bc19720001a4f1395.tar.gz nextcloud-server-3d2ee95f1e06972188967b2bc19720001a4f1395.zip