-
Benni Mack authored
The option $TYPO3_CONF_VARS[SYS][cookieSecure] is removed in favor of always setting a secure cookie on HTTPS requests. This leads to errors when a page would be available in HTTP and HTTPS which is normally not the case when using a full site base in Site Handling anymore, and making TYPO3 more secure out-of-the-box. Resolves: #87301 Releases: master Change-Id: Iba90c19456af6a82feb9c53fea52228fbff516be Reviewed-on: https://review.typo3.org/c/Packages/TYPO3.CMS/+/65695 Tested-by: TYPO3com <noreply@typo3.com> Tested-by: Frank Nägler <frank.naegler@typo3.org> Tested-by: Oliver Bartsch <bo@cedev.de> Tested-by: Benni Mack <benni@typo3.org> Reviewed-by: Frank Nägler <frank.naegler@typo3.org> Reviewed-by: Jörg Bösche <typo3@joergboesche.de> Reviewed-by: Oliver Bartsch <bo@cedev.de> Reviewed-by: Benni Mack <benni@typo3.org>
b180b547