Index: trunk/core/kernel/session/session.php
===================================================================
diff -u -r2669 -r2673
--- trunk/core/kernel/session/session.php (.../session.php) (revision 2669)
+++ trunk/core/kernel/session/session.php (.../session.php) (revision 2673)
@@ -306,11 +306,13 @@
 }
 }
- function CheckReferer($for_cookies=0)
+ function IsHTTPSRedirect()
 {
- // if it is a redirect from http to https
- if (!$for_cookies && PROTOCOL == 'https://' && preg_match('#http:\/\/#', $_SERVER['HTTP_REFERER'])) return true;
+ return (PROTOCOL == 'https://' && preg_match('#http:\/\/#', $_SERVER['HTTP_REFERER']));
+ }
+ function CheckReferer()
+ {
 $path = preg_replace("/admin$/", '', $this->CookiePath); // removing /admin for compatability with in-portal (in-link/admin/add_link.php)
 $reg = '#^'.preg_quote(PROTOCOL.$this->CookieDomain.$path).'#';
 return preg_match($reg, $_SERVER['HTTP_REFERER']) || (defined('IS_POPUP') && IS_POPUP);
@@ -329,7 +331,7 @@
 if (!$cookies_on) {
 //If referer is our server, but we don't have our cookies_on, it's definetly off
- if ($this->CheckReferer(1) && !$this->Application->GetVar('admin')) {
+ if ($this->CheckReferer() && !$this->Application->GetVar('admin') && !$this->IsHTTPSRedirect()) {
 $this->CookiesEnabled = false;
 }
 else {
@@ -355,6 +357,13 @@
 // we should check referer if cookies are disabled, and in combined mode
 // auto mode would detect cookies, get only mode would turn it off - so we would get here
 // and we don't care about referal in cookies only mode
+
+ $http_query =& $this->Application->recallObject('HTTPQuery');
+ $get_sid = getArrayValue($http_query->Get, $this->GETName);
+ if ($this->IsHTTPSRedirect() && $get_sid) { //Redirect from http to https on different domain
+ $this->SetMode(smGET_ONLY);
+ }
+
 if ( $this->Mode != smCOOKIES_ONLY && (!$this->CookiesEnabled || $this->Mode == smCOOKIES_AND_GET) ) {
 if (!$this->CheckReferer()) return false;
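Review bot: `IsHTTPSRedirect()` reads `$_SERVER['HTTP_REFERER']` without checking that the header is present, and its pattern `#http:\/\/#` is unanchored, so any Referer that merely contains `http://` (in a query string, say) counts as a redirect. The header is supplied by the client and the two later hunks use this result to decide cookie detection and the session mode, so the test should be as narrow as it can be: `return PROTOCOL == 'https://' && isset($_SERVER['HTTP_REFERER']) && preg_match('#^http://#', $_SERVER['HTTP_REFERER']);`. A one-line docblock saying that the result is a hint derived from a request header, not proof of where the request came from, would keep later callers from leaning on it. The unchanged `CheckReferer()` body below has the same unguarded read of the header.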
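Review bot: The added `!$this->IsHTTPSRedirect()` term can change the result only in corner cases, and the comment above the condition does not say which one is meant. When `PROTOCOL` is `https://`, `CheckReferer()` passes only if the Referer starts with `https://` plus the cookie domain or `IS_POPUP` is set, while `IsHTTPSRedirect()` needs `http://` in the same header, so both hold only for popups or when `http://` appears later in the URL. If the popup case is the intended one, extend the comment, e.g. `// ...unless this is a popup opened across an http->https redirect`; if not, the term looks redundant. The enclosing function starts and ends outside the hunk.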
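Review bot: The new branch switches the session to `smGET_ONLY` on the strength of two client-supplied values, a session id in the query string and a Referer that contains `http://`. After `SetMode(smGET_ONLY)` the condition below calls `CheckReferer()` only when `$this->CookiesEnabled` is false, so with cookies enabled a URL-supplied id appears to be accepted with no origin check, which is the precondition for session fixation. The inline comment describes a redirect from the site's own http domain, so the branch should test for exactly that, `if ($this->IsHTTPSRedirect() && $get_sid && /* referer host equals the site's configured http domain */) {`, and the id should be regenerated once the https side has adopted it. The enclosing function continues outside the hunk, so what `return false` leads to is not visible here.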