diff options
author | Andrey Andreev <narf@devilix.net> | 2022-01-05 16:52:40 +0100 |
---|---|---|
committer | GitHub <noreply@github.com> | 2022-01-05 16:52:40 +0100 |
commit | c382445b71682cfa4ee9048a5b775d07102d0ef8 (patch) | |
tree | 72f742fa278de276601724ca413dc773eaa67239 /application/config | |
parent | 5e79f1b0dda522efcd1a0cb379d6e7fb1f5cc557 (diff) | |
parent | 1415d4ec99c7dbaec2c34742536e00eb9cb7493f (diff) |
Merge pull request #6025 from gxgpet/develop
SameSite attribute implementation for CI_Input::set_cookie
Diffstat (limited to 'application/config')
-rw-r--r-- | application/config/config.php | 2 |
1 files changed, 2 insertions, 0 deletions
diff --git a/application/config/config.php b/application/config/config.php index f92d11f5d..596f8fefe 100644 --- a/application/config/config.php +++ b/application/config/config.php @@ -385,6 +385,7 @@ $config['sess_regenerate_destroy'] = FALSE; | 'cookie_path' = Typically will be a forward slash | 'cookie_secure' = Cookie will only be set if a secure HTTPS connection exists. | 'cookie_httponly' = Cookie will only be accessible via HTTP(S) (no javascript) +| 'cookie_samesite' = Cookie's samesite attribute (Lax, Strict or None) | | Note: These settings (with the exception of 'cookie_prefix' and | 'cookie_httponly') will also affect sessions. @@ -395,6 +396,7 @@ $config['cookie_domain'] = ''; $config['cookie_path'] = '/'; $config['cookie_secure'] = FALSE; $config['cookie_httponly'] = FALSE; +$config['cookie_samesite'] = 'Lax'; /* |-------------------------------------------------------------------------- |