summaryrefslogtreecommitdiffstats
path: root/application
diff options
context:
space:
mode:
authorFlorian Pritz <bluewind@xinu.at>2022-01-09 11:31:26 +0100
committerFlorian Pritz <bluewind@xinu.at>2022-01-09 11:31:26 +0100
commit5fb561ed3d972659213de47cb67fdc094adfbc1e (patch)
treefebd9f7e45d93801c2207691532cad144a848179 /application
parent82141c4baf5a1436b6eca8b1efa6e2bff3991179 (diff)
parentad57720c57c11620c77181655d637a5bfdbe2643 (diff)
Merge remote-tracking branch 'upstream/3.1-stable' into dev
Signed-off-by: Florian Pritz <bluewind@xinu.at>
Diffstat (limited to 'application')
-rw-r--r--application/config/config.php13
-rw-r--r--application/config/mimes.php2
2 files changed, 11 insertions, 4 deletions
diff --git a/application/config/config.php b/application/config/config.php
index ec15f6c2c..845e6b55c 100644
--- a/application/config/config.php
+++ b/application/config/config.php
@@ -13,9 +13,9 @@ defined('BASEPATH') OR exit('No direct script access allowed');
|
| WARNING: You MUST set this value!
|
-| If it is not set, then CodeIgniter will try guess the protocol and path
-| your installation, but due to security concerns the hostname will be set
-| to $_SERVER['SERVER_ADDR'] if available, or localhost otherwise.
+| If it is not set, then CodeIgniter will try to guess the protocol and
+| path to your installation, but due to security concerns the hostname will
+| be set to $_SERVER['SERVER_ADDR'] if available, or localhost otherwise.
| The auto-detection mechanism exists only for convenience during
| development and MUST NOT be used in production!
|
@@ -345,6 +345,10 @@ $config['encryption_key'] = '';
|
| The session cookie name, must contain only [0-9a-z_-] characters
|
+| 'sess_samesite'
+|
+| Session cookie SameSite attribute: Lax (default), Strict or None
+|
| 'sess_expiration'
|
| The number of SECONDS you want the session to last.
@@ -385,6 +389,7 @@ $config['encryption_key'] = '';
*/
$config['sess_driver'] = 'database';
$config['sess_cookie_name'] = 'ci_session';
+$config['sess_samesite'] = 'Lax';
$config['sess_expiration'] = 7200;
$config['sess_save_path'] = "ci_sessions";
$config['sess_match_ip'] = FALSE;
@@ -401,6 +406,7 @@ $config['sess_regenerate_destroy'] = FALSE;
| 'cookie_path' = Typically will be a forward slash
| 'cookie_secure' = Cookie will only be set if a secure HTTPS connection exists.
| 'cookie_httponly' = Cookie will only be accessible via HTTP(S) (no javascript)
+| 'cookie_samesite' = Cookie's samesite attribute (Lax, Strict or None)
|
| Note: These settings (with the exception of 'cookie_prefix' and
| 'cookie_httponly') will also affect sessions.
@@ -411,6 +417,7 @@ $config['cookie_domain'] = '';
$config['cookie_path'] = '/';
$config['cookie_secure'] = FALSE;
$config['cookie_httponly'] = FALSE;
+$config['cookie_samesite'] = 'Lax';
/*
|--------------------------------------------------------------------------
diff --git a/application/config/mimes.php b/application/config/mimes.php
index f5407ff89..b2e989fea 100644
--- a/application/config/mimes.php
+++ b/application/config/mimes.php
@@ -162,7 +162,7 @@ return array(
'cdr' => array('application/cdr', 'application/coreldraw', 'application/x-cdr', 'application/x-coreldraw', 'image/cdr', 'image/x-cdr', 'zz-application/zz-winassoc-cdr'),
'wma' => array('audio/x-ms-wma', 'video/x-ms-asf'),
'jar' => array('application/java-archive', 'application/x-java-application', 'application/x-jar', 'application/x-compressed'),
- 'svg' => array('image/svg+xml', 'application/xml', 'text/xml'),
+ 'svg' => array('image/svg+xml', 'image/svg', 'application/xml', 'text/xml'),
'vcf' => 'text/x-vcard',
'srt' => array('text/srt', 'text/plain'),
'vtt' => array('text/vtt', 'text/plain'),