symfony
diff --git a/‎src/Symfony/Bundle/SecurityBundle/DependencyInjection/Security/Factory/RememberMeFactory.php
Lines changed: 6 additions & 1 deletion b/‎src/Symfony/Bundle/SecurityBundle/DependencyInjection/Security/Factory/RememberMeFactory.php
Lines changed: 6 additions & 1 deletion
diff --git a/‎src/Symfony/Bundle/SecurityBundle/Tests/Functional/RememberMeCookieTest.php
Lines changed: 33 additions & 0 deletions b/‎src/Symfony/Bundle/SecurityBundle/Tests/Functional/RememberMeCookieTest.php
Lines changed: 33 additions & 0 deletions
diff --git a/‎src/Symfony/Bundle/SecurityBundle/Tests/Functional/app/RememberMeCookie/bundles.php
Lines changed: 9 additions & 0 deletions b/‎src/Symfony/Bundle/SecurityBundle/Tests/Functional/app/RememberMeCookie/bundles.php
Lines changed: 9 additions & 0 deletions
diff --git a/‎src/Symfony/Bundle/SecurityBundle/Tests/Functional/app/RememberMeCookie/config.yml
Lines changed: 25 additions & 0 deletions b/‎src/Symfony/Bundle/SecurityBundle/Tests/Functional/app/RememberMeCookie/config.yml
Lines changed: 25 additions & 0 deletions
diff --git a/‎src/Symfony/Bundle/SecurityBundle/Tests/Functional/app/RememberMeCookie/routing.yml
Lines changed: 2 additions & 0 deletions b/‎src/Symfony/Bundle/SecurityBundle/Tests/Functional/app/RememberMeCookie/routing.yml
Lines changed: 2 additions & 0 deletions
@@ -69,7 +69,12 @@ public function create(ContainerBuilder $container, $id, $config, $userProvider,
         }
 
         // remember-me options
-        $rememberMeServices->replaceArgument(3, array_intersect_key($config, $this->options));
+        $mergedOptions = array_intersect_key($config, $this->options);
+        if ('auto' === $mergedOptions['secure']) {
+            $mergedOptions['secure'] = null;
+        }
+
+        $rememberMeServices->replaceArgument(3, $mergedOptions);
 
         // attach to remember-me aware listeners
         $userProviders = [];
 
@@ -0,0 +1,33 @@
+<?php
+
+namespace Symfony\Bundle\SecurityBundle\Tests\Functional;
+
+use Symfony\Component\HttpFoundation\ResponseHeaderBag;
+
+class RememberMeCookieTest extends AbstractWebTestCase
+{
+    /** @dataProvider getSessionRememberMeSecureCookieFlagAutoHttpsMap */
+    public function testSessionRememberMeSecureCookieFlagAuto($https, $expectedSecureFlag)
+    {
+        $client = $this->createClient(['test_case' => 'RememberMeCookie', 'root_config' => 'config.yml']);
+
+        $client->request('POST', '/login', [
+            '_username' => 'test',
+            '_password' => 'test',
+        ], [], [
+             'HTTPS' => (int) $https
+        ]);
+
+        $cookies = $client->getResponse()->headers->getCookies(ResponseHeaderBag::COOKIES_ARRAY);
+
+        $this->assertEquals($expectedSecureFlag, $cookies['']['/']['REMEMBERME']->isSecure());
+    }
+
+    public function getSessionRememberMeSecureCookieFlagAutoHttpsMap()
+    {
+        return [
+            [true, true],
+            [false, false]
+        ];
+    }
+}
@@ -0,0 +1,9 @@
+<?php
+
+use Symfony\Bundle\FrameworkBundle\FrameworkBundle;
+use Symfony\Bundle\SecurityBundle\SecurityBundle;
+
+return [
+    new FrameworkBundle(),
+    new SecurityBundle()
+];
@@ -0,0 +1,25 @@
+imports:
+    - { resource: ./../config/framework.yml }
+
+security:
+    encoders:
+        Symfony\Component\Security\Core\User\User: plaintext
+
+    providers:
+        in_memory:
+            memory:
+                users:
+                    test: { password: test, roles: [ROLE_USER] }
+
+    firewalls:
+        default:
+            form_login:
+                check_path: login
+                remember_me: true
+                require_previous_session: false
+            remember_me:
+                always_remember_me: true
+                secret: key
+                secure: auto
+            logout: ~
+            anonymous: ~
@@ -0,0 +1,2 @@
+login:
+    path: /login