Merge #16386 - Fixes #16316 - Support Cookie SameSite=Strict

Fixes: #16316 Pull-request: #16386 Signed-off-by: William Desportes <williamdes@wdes.fr>
author: William Desportes <williamdes@wdes.fr> 2020-11-02 00:12:41 +0300
committer: William Desportes <williamdes@wdes.fr> 2020-11-02 00:13:22 +0300
commit: e7feedd28f353571f9195bb6d8144b558bd353d4 (patch)
tree: 085698ea45d7486bb2b6d38546be12bd00415fdd /libraries/config.default.php
parent: 8ede8711931e4fdcb9f0b23925203d189a319596 (diff)
parent: 8e5d4d4708d42abdcf3a6a3dd79155ba1d4c90fe (diff)
1 files changed, 7 insertions, 0 deletions
diff --git a/libraries/config.default.php b/libraries/config.default.php
index 6d4121e8b1..e1e6bfd21e 100644
--- a/libraries/config.default.php
+++ b/libraries/config.default.php
@@ -777,6 +777,13 @@ $cfg['AllowUserDropDatabase'] = false;
 $cfg['Confirm'] = true;
 
 /**
+ * sets SameSite attribute of the Set-Cookie HTTP response header
+ *
+ * @global boolean $cfg['CookieSameSite']
+ */
+ $cfg['CookieSameSite'] = 'Strict';
+
+/**
  * recall previous login in cookie authentication mode or not
  *
  * @global boolean $cfg['LoginCookieRecall']
author	William Desportes <williamdes@wdes.fr>	2020-11-02 00:12:41 +0300
committer	William Desportes <williamdes@wdes.fr>	2020-11-02 00:13:22 +0300
commit	e7feedd28f353571f9195bb6d8144b558bd353d4 (patch)
tree	085698ea45d7486bb2b6d38546be12bd00415fdd /libraries/config.default.php
parent	8ede8711931e4fdcb9f0b23925203d189a319596 (diff)
parent	8e5d4d4708d42abdcf3a6a3dd79155ba1d4c90fe (diff)