if (
$request->getProtocol() == 'http' &&
(
- $request->getSession()->shouldForceHTTPS() ||
- // Check the cookie manually, for paranoia
$request->getCookie( 'forceHTTPS', '' ) ||
- // check for prefixed version that was used for a time in older MW versions
+ // check for prefixed version for currently logged in users
$request->getCookie( 'forceHTTPS' ) ||
// Avoid checking the user and groups unless it's enabled.
(