Index: trunk/core/kernel/session/session.php
===================================================================
diff -u -r3361 -r3472
--- trunk/core/kernel/session/session.php	(.../session.php)	(revision 3361)
+++ trunk/core/kernel/session/session.php	(.../session.php)	(revision 3472)
@@ -322,10 +322,12 @@
 				);
 	}
 
-	function CheckReferer()
+	function CheckReferer($for_cookies=0)
 	{
-		if ( !$this->Application->ConfigValue('SessionReferrerCheck') || $_SERVER['REQUEST_METHOD'] != 'POST') {
-			return true;
+		if (!$for_cookies) {
+			if ( !$this->Application->ConfigValue('SessionReferrerCheck') || $_SERVER['REQUEST_METHOD'] != 'POST') {
+				return true;
+			}
 		}
 		$path = preg_replace('/admin[\/]{0,1}$/', '', $this->CookiePath); // removing /admin for compatability with in-portal (in-link/admin/add_link.php)
 		$reg = '#^'.preg_quote(PROTOCOL.ltrim($this->CookieDomain, '.').$path).'#';
@@ -383,7 +385,7 @@
 
 		if (!$cookies_on || $this->IsHTTPSRedirect()) {
 			//If referer is our server, but we don't have our cookies_on, it's definetly off
-			if ($this->CheckReferer() && !$this->Application->GetVar('admin') && !$this->IsHTTPSRedirect()) {
+			if ($this->CheckReferer(1) && !$this->Application->GetVar('admin') && !$this->IsHTTPSRedirect()) {
 				$this->CookiesEnabled = false;
 			}
 			else {