0037007: Remove unnecessary global variable $g_cookie_secure_flag_enabled

ID	Project	Category	View Status	Date Submitted	Last Update
0037007	mantisbt	code cleanup	public	2026-04-08 05:46	2026-04-21 09:07

Reporter	dregad	Assigned To	dregad
Priority	normal	Severity	minor	Reproducibility	N/A
Status	resolved	Resolution	fixed
Target Version	2.29.0	Fixed in Version	2.29.0

Summary	0037007: Remove unnecessary global variable $g_cookie_secure_flag_enabled
Description	With the introduction of http_is_https_protocol() function in MantisBT master f39ad8c9 (see 0014333), this global variable is not really needed anymore, as we can simply call the function whenever we need to set a cookie's secure flag.
Additional Information	Suggested by @raspopov in https://github.com/mantisbt/mantisbt/pull/2201#issuecomment-4201475022
Tags	No tags attached.

MantisBT: master 13bfed65 2026-04-21 09:07 dregad Committer: community Details Diff	Remove $g_cookie_secure_flag_enabled global var With the introduction of http_is_https_protocol() function [1], this global variable is not really needed anymore, as we can simply call the function whenever we need to set a cookie's secure flag. Fixes 0037007 (PR https://github.com/mantisbt/mantisbt/pull/2202) [1]: see commit f39ad8c9816fefd36747630d25b7355265eaacc5	Affected Issues 0037007
	mod - core/gpc_api.php	Diff File
	mod - core/session_api.php	Diff File

related to	0014333	closed	dregad	mantis bt switches to https from http
related to	0036819	resolved	dregad	Secure cookies are rejected by the browser

dregad 2026-04-08 06:24 developer ~0070951	PR https://github.com/mantisbt/mantisbt/pull/2202