summaryrefslogtreecommitdiffstats
path: root/application/config
diff options
context:
space:
mode:
authorAndrey Andreev <narf@devilix.net>2022-01-05 16:52:40 +0100
committerAndrey Andreev <narf@devilix.net>2022-01-05 16:58:34 +0100
commit4362b7d9f39189472950589ce47a483b6025f5e9 (patch)
tree191cc7a930af06b7b4b536a173ac155b581afb73 /application/config
parent22f4f5079b9fdf9090add2ac728fafd91a24ed2f (diff)
Merge pull request #6025 from gxgpet/develop
SameSite attribute implementation for CI_Input::set_cookie
Diffstat (limited to 'application/config')
-rw-r--r--application/config/config.php2
1 files changed, 2 insertions, 0 deletions
diff --git a/application/config/config.php b/application/config/config.php
index 9ab8248e3..161b95699 100644
--- a/application/config/config.php
+++ b/application/config/config.php
@@ -397,6 +397,7 @@ $config['sess_regenerate_destroy'] = FALSE;
| 'cookie_path' = Typically will be a forward slash
| 'cookie_secure' = Cookie will only be set if a secure HTTPS connection exists.
| 'cookie_httponly' = Cookie will only be accessible via HTTP(S) (no javascript)
+| 'cookie_samesite' = Cookie's samesite attribute (Lax, Strict or None)
|
| Note: These settings (with the exception of 'cookie_prefix' and
| 'cookie_httponly') will also affect sessions.
@@ -407,6 +408,7 @@ $config['cookie_domain'] = '';
$config['cookie_path'] = '/';
$config['cookie_secure'] = FALSE;
$config['cookie_httponly'] = FALSE;
+$config['cookie_samesite'] = 'Lax';
/*
|--------------------------------------------------------------------------