Index: trunk/core/kernel/session/session.php
===================================================================
diff -u -r2819 -r2835
--- trunk/core/kernel/session/session.php	(.../session.php)	(revision 2819)
+++ trunk/core/kernel/session/session.php	(.../session.php)	(revision 2835)
@@ -217,6 +217,7 @@
 	var $Checkers;
 
 	var $Mode;
+	var $OriginalMode = null;
 	var $GETName = 'sid';
 
 	var $CookiesEnabled = true;
@@ -305,6 +306,8 @@
 		else {
 			$this->SetSession();
 		}
+
+		if (!is_null($this->OriginalMode)) $this->SetMode($this->OriginalMode);
 	}
 
 	function IsHTTPSRedirect()
@@ -335,6 +338,12 @@
 		$http_query =& $this->Application->recallObject('HTTPQuery');
 		$cookies_on = isset($http_query->Cookie['cookies_on']); // not good here
 
+		$get_sid = getArrayValue($http_query->Get, $this->GETName);
+		if ($this->IsHTTPSRedirect() && $get_sid) { //Redirect from http to https on different domain
+			$this->OriginalMode = $this->Mode;
+			$this->SetMode(smGET_ONLY);
+		}
+
 		if (!$cookies_on || $this->IsHTTPSRedirect()) {
 			//If referer is our server, but we don't have our cookies_on, it's definetly off
 			if ($this->CheckReferer() && !$this->Application->GetVar('admin') && !$this->IsHTTPSRedirect()) {
@@ -364,12 +373,6 @@
 		// auto mode would detect cookies, get only mode would turn it off - so we would get here
 		// and we don't care about referal in cookies only mode
 
-		$http_query =& $this->Application->recallObject('HTTPQuery');
-		$get_sid = getArrayValue($http_query->Get, $this->GETName);
-		if ($this->IsHTTPSRedirect() && $get_sid) { //Redirect from http to https on different domain
-			$this->SetMode(smGET_ONLY);
-		}
-
 		if ( $this->Mode != smCOOKIES_ONLY && (!$this->CookiesEnabled || $this->Mode == smCOOKIES_AND_GET) ) {
 			if (!$this->CheckReferer())
 				return false;