Find in catalog/includes/application_top.php
// set the session cookie parameters
if (function_exists('session_set_cookie_params')) {
session_set_cookie_params(0, $cookie_path, $cookie_domain);
} elseif (function_exists('ini_set')) {
ini_set('session.cookie_lifetime', '0');
ini_set('session.cookie_path', $cookie_path);
ini_set('session.cookie_domain', $cookie_domain);
}
Change to:
ode:
// set the session cookie parameters
if (function_exists('session_set_cookie_params')) {
session_set_cookie_params(0, $cookie_path, $cookie_domain);
ini_set('session.cookie_httponly',1);
ini_set('session.cookie_secure',1);
} elseif (function_exists('ini_set')) {
ini_set('session.cookie_lifetime', '0');
ini_set('session.cookie_path', $cookie_path);
ini_set('session.cookie_domain', $cookie_domain);
ini_set('session.cookie_httponly',1);
ini_set('session.cookie_secure',1);
}
Find in catalog/admin/includes/application_top.php
// set the session cookie parameters
if (function_exists('session_set_cookie_params')) {
session_set_cookie_params(0, $cookie_path, $cookie_domain);
} elseif (function_exists('ini_set')) {
ini_set('session.cookie_lifetime', '0');
ini_set('session.cookie_path', $cookie_path);
ini_set('session.cookie_domain', $cookie_domain);
}
Change to:
// set the session cookie parameters
if (function_exists('session_set_cookie_params')) {
session_set_cookie_params(0, $cookie_path, $cookie_domain);
ini_set('session.cookie_httponly',1);
ini_set('session.cookie_secure',1);
} elseif (function_exists('ini_set')) {
ini_set('session.cookie_lifetime', '0');
ini_set('session.cookie_path', $cookie_path);
ini_set('session.cookie_domain', $cookie_domain);
ini_set('session.cookie_httponly',1);
ini_set('session.cookie_secure',1);
}