summaryrefslogtreecommitdiffstats
path: root/application/config/config.php
diff options
context:
space:
mode:
authorGeorge Petculescu <gxgpet@gmail.com>2021-02-28 19:10:00 +0100
committerGeorge Petculescu <gxgpet@gmail.com>2021-02-28 19:10:00 +0100
commiteb770fdc6d809bc7c28d499f897c0ab2c449f669 (patch)
tree986bb277c33cea343b16071533d46598e9d91515 /application/config/config.php
parent324628c27ca82e89d5e3a85034127835d29dd9fc (diff)
Initial implementation of samesite for CI_Input::set_cookie
Diffstat (limited to 'application/config/config.php')
-rw-r--r--application/config/config.php2
1 files changed, 2 insertions, 0 deletions
diff --git a/application/config/config.php b/application/config/config.php
index f92d11f5d..4ffd83352 100644
--- a/application/config/config.php
+++ b/application/config/config.php
@@ -385,6 +385,7 @@ $config['sess_regenerate_destroy'] = FALSE;
| 'cookie_path' = Typically will be a forward slash
| 'cookie_secure' = Cookie will only be set if a secure HTTPS connection exists.
| 'cookie_httponly' = Cookie will only be accessible via HTTP(S) (no javascript)
+| 'cookie_samesite' = Cookie's samesite attribute (Lax, Strict or None)
|
| Note: These settings (with the exception of 'cookie_prefix' and
| 'cookie_httponly') will also affect sessions.
@@ -395,6 +396,7 @@ $config['cookie_domain'] = '';
$config['cookie_path'] = '/';
$config['cookie_secure'] = FALSE;
$config['cookie_httponly'] = FALSE;
+$config['cookie_samesite'] = 'lax';
/*
|--------------------------------------------------------------------------