Set secure session cookies when redirecting from HTTP to HTTPS. So far for session cookies the secure property was only set when no HTTP port was opened. This changes to also set it when HTTP is redirected to the HTTPS port.

commit: 60099a42faf7c34edb4651253cdb1a7723fbf029 [log] [tgz]
author: Florian Zschocke <florian.zschocke@devolo.de> Sat Dec 10 11:30:28 2016 +0100
committer: Florian Zschocke <florian.zschocke@devolo.de> Sat Dec 10 11:30:28 2016 +0100
tree: 69d5267a8084c1941591918cd8108df97671ad2c
parent: 90a8d1af6c202c8efcca5a0fdaf341494cb0b8eb [diff]
diff --git a/src/main/java/com/gitblit/GitBlitServer.java b/src/main/java/com/gitblit/GitBlitServer.java
index d56d9c0..6123a87 100644
--- a/src/main/java/com/gitblit/GitBlitServer.java
+++ b/src/main/java/com/gitblit/GitBlitServer.java

@@ -375,7 +375,8 @@
 		HashSessionManager sessionManager = new HashSessionManager();
 		sessionManager.setHttpOnly(true);
 		// Use secure cookies if only serving https
-		sessionManager.setSecureRequestOnly(params.port <= 0 && params.securePort > 0);
+		sessionManager.setSecureRequestOnly( (params.port <= 0 && params.securePort > 0) ||
+				(params.port > 0 && params.securePort > 0 && settings.getBoolean(Keys.server.redirectToHttpsPort, true)) );
 		rootContext.getSessionHandler().setSessionManager(sessionManager);
 
 		// Ensure there is a defined User Service
commit	60099a42faf7c34edb4651253cdb1a7723fbf029	[log] [tgz]
author	Florian Zschocke <florian.zschocke@devolo.de>	Sat Dec 10 11:30:28 2016 +0100
committer	Florian Zschocke <florian.zschocke@devolo.de>	Sat Dec 10 11:30:28 2016 +0100
tree	69d5267a8084c1941591918cd8108df97671ad2c
parent	90a8d1af6c202c8efcca5a0fdaf341494cb0b8eb [diff]