diff options
| author | Andrey Andreev <narf@devilix.net> | 2022-01-05 16:52:40 +0100 |
|---|---|---|
| committer | Andrey Andreev <narf@devilix.net> | 2022-01-05 16:58:34 +0100 |
| commit | 4362b7d9f39189472950589ce47a483b6025f5e9 (patch) | |
| tree | 191cc7a930af06b7b4b536a173ac155b581afb73 /application | |
| parent | 22f4f5079b9fdf9090add2ac728fafd91a24ed2f (diff) | |
Merge pull request #6025 from gxgpet/develop
SameSite attribute implementation for CI_Input::set_cookie
Diffstat (limited to 'application')
| -rw-r--r-- | application/config/config.php | 2 |
1 files changed, 2 insertions, 0 deletions
diff --git a/application/config/config.php b/application/config/config.php index 9ab8248e3..161b95699 100644 --- a/application/config/config.php +++ b/application/config/config.php @@ -397,6 +397,7 @@ $config['sess_regenerate_destroy'] = FALSE; | 'cookie_path' = Typically will be a forward slash | 'cookie_secure' = Cookie will only be set if a secure HTTPS connection exists. | 'cookie_httponly' = Cookie will only be accessible via HTTP(S) (no javascript) +| 'cookie_samesite' = Cookie's samesite attribute (Lax, Strict or None) | | Note: These settings (with the exception of 'cookie_prefix' and | 'cookie_httponly') will also affect sessions. @@ -407,6 +408,7 @@ $config['cookie_domain'] = ''; $config['cookie_path'] = '/'; $config['cookie_secure'] = FALSE; $config['cookie_httponly'] = FALSE; +$config['cookie_samesite'] = 'Lax'; /* |-------------------------------------------------------------------------- |