diff --git a/laravel/cookie.php b/laravel/cookie.php index bafe6422..870eb891 100644 --- a/laravel/cookie.php +++ b/laravel/cookie.php @@ -68,6 +68,14 @@ class Cookie { $expiration = time() + ($expiration * 60); } + // If the secure option is set to true, yet the request is not over HTTPS + // we'll throw an exception to let the developer know that they are + // attempting to send a secure cookie over the unsecure HTTP. + if ($secure and ! Request::secure()) + { + throw new \Exception("Attempting to set secure cookie over HTTP."); + } + static::$jar[$name] = compact('name', 'value', 'expiration', 'path', 'domain', 'secure'); }