diff -r 808281bfd200 -r 7fab1804a49e includes/sessions.php
--- a/includes/sessions.php	Sat Nov 17 14:57:00 2007 -0500
+++ b/includes/sessions.php	Sat Nov 17 15:02:08 2007 -0500
@@ -863,7 +863,7 @@
     {
       // Stash it in a cookie
       // For now, make the cookie last forever, we can change this in 1.1.x
-      setcookie( 'sid', $session_key, time()+315360000, scriptPath.'/', null, ( isset($_SERVER['HTTPS']) ) );
+      setcookie( 'sid', $session_key, time()+315360000, scriptPath.'/', null, ( isset($_SERVER['HTTPS']) && $_SERVER['HTTPS'] != 'off' ) );
       $_COOKIE['sid'] = $session_key;
     }
     // $keyhash is stored in the database, this is for compatibility with the older DB structure