summaryrefslogtreecommitdiffstats
path: root/application/config/config.php
diff options
context:
space:
mode:
authorFlorian Pritz <bluewind@xinu.at>2022-01-09 11:31:26 +0100
committerFlorian Pritz <bluewind@xinu.at>2022-01-09 11:31:26 +0100
commit5fb561ed3d972659213de47cb67fdc094adfbc1e (patch)
treefebd9f7e45d93801c2207691532cad144a848179 /application/config/config.php
parent82141c4baf5a1436b6eca8b1efa6e2bff3991179 (diff)
parentad57720c57c11620c77181655d637a5bfdbe2643 (diff)
Merge remote-tracking branch 'upstream/3.1-stable' into dev
Signed-off-by: Florian Pritz <bluewind@xinu.at>
Diffstat (limited to 'application/config/config.php')
-rw-r--r--application/config/config.php13
1 files changed, 10 insertions, 3 deletions
diff --git a/application/config/config.php b/application/config/config.php
index ec15f6c2c..845e6b55c 100644
--- a/application/config/config.php
+++ b/application/config/config.php
@@ -13,9 +13,9 @@ defined('BASEPATH') OR exit('No direct script access allowed');
|
| WARNING: You MUST set this value!
|
-| If it is not set, then CodeIgniter will try guess the protocol and path
-| your installation, but due to security concerns the hostname will be set
-| to $_SERVER['SERVER_ADDR'] if available, or localhost otherwise.
+| If it is not set, then CodeIgniter will try to guess the protocol and
+| path to your installation, but due to security concerns the hostname will
+| be set to $_SERVER['SERVER_ADDR'] if available, or localhost otherwise.
| The auto-detection mechanism exists only for convenience during
| development and MUST NOT be used in production!
|
@@ -345,6 +345,10 @@ $config['encryption_key'] = '';
|
| The session cookie name, must contain only [0-9a-z_-] characters
|
+| 'sess_samesite'
+|
+| Session cookie SameSite attribute: Lax (default), Strict or None
+|
| 'sess_expiration'
|
| The number of SECONDS you want the session to last.
@@ -385,6 +389,7 @@ $config['encryption_key'] = '';
*/
$config['sess_driver'] = 'database';
$config['sess_cookie_name'] = 'ci_session';
+$config['sess_samesite'] = 'Lax';
$config['sess_expiration'] = 7200;
$config['sess_save_path'] = "ci_sessions";
$config['sess_match_ip'] = FALSE;
@@ -401,6 +406,7 @@ $config['sess_regenerate_destroy'] = FALSE;
| 'cookie_path' = Typically will be a forward slash
| 'cookie_secure' = Cookie will only be set if a secure HTTPS connection exists.
| 'cookie_httponly' = Cookie will only be accessible via HTTP(S) (no javascript)
+| 'cookie_samesite' = Cookie's samesite attribute (Lax, Strict or None)
|
| Note: These settings (with the exception of 'cookie_prefix' and
| 'cookie_httponly') will also affect sessions.
@@ -411,6 +417,7 @@ $config['cookie_domain'] = '';
$config['cookie_path'] = '/';
$config['cookie_secure'] = FALSE;
$config['cookie_httponly'] = FALSE;
+$config['cookie_samesite'] = 'Lax';
/*
|--------------------------------------------------------------------------