author | Rajat Jain <rajatjain.ix@gmail.com> | 2020-10-06 13:02:10 +0300 |
---|---|---|
committer | Rajat Jain <rajatjain.ix@gmail.com> | 2020-10-17 14:06:31 +0300 |
commit | 8e5d4d4708d42abdcf3a6a3dd79155ba1d4c90fe (patch) | |
tree | 4e962a8d97bb98995d72254187364b19c0f3bbbf /libraries/config.default.php | |
parent | 0cad95a5de557d06339725df39513af2e9e4c089 (diff) |
Use of SameSite=Strict
Signed-off-by: Rajat Jain <rajatjain.ix@gmail.com>
Update Config.php
Polyfilled
version fixes
Signed-off-by: Rajat Jain <rajatjain.ix@gmail.com>
Update libraries/classes/Config.php
Co-authored-by: Maurício Meneghini Fauth <mauricio@fauth.dev>
phpcs fixes
samesite made as configuration directive
bugfix, sets sameSite as global configuration directive
CodeReviewed
Changed config.rst
IETF RFC link added
Version added
Trailing whitespace fixed.
RFC hyperlink added
trailing whitespace
Diffstat (limited to 'libraries/config.default.php')
-rw-r--r-- | libraries/config.default.php | 7 |
1 files changed, 7 insertions, 0 deletions
diff --git a/libraries/config.default.php b/libraries/config.default.php index 2ee0c71a9b..e87e19b49f 100644 --- a/libraries/config.default.php +++ b/libraries/config.default.php @@ -777,6 +777,13 @@ $cfg['AllowUserDropDatabase'] = false; $cfg['Confirm'] = true; /** + * sets SameSite attribute of the Set-Cookie HTTP response header + * + * @global boolean $cfg['CookieSameSite'] + */ + $cfg['CookieSameSite'] = 'Strict'; + +/** * recall previous login in cookie authentication mode or not * * @global boolean $cfg['LoginCookieRecall'] |
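Review bot: The new docblock declares `@global boolean $cfg['CookieSameSite']`, but the default assigned directly below it is the string `'Strict'`, so the annotation does not match the value; it looks carried over from the neighbouring `LoginCookieRecall` block and should read `@global string $cfg['CookieSameSite']`. The description ("sets SameSite attribute of the Set-Cookie HTTP response header") also does not say which values the directive accepts, so listing them in the comment would help anyone who changes the default. Since the diffstat is limited to this file, it is not visible here whether the value is validated before it reaches the Set-Cookie header; if it is not, that check belongs where the setting is consumed.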