diff options
| author | George Petculescu <gxgpet@gmail.com> | 2021-02-28 19:10:00 +0100 |
|---|---|---|
| committer | George Petculescu <gxgpet@gmail.com> | 2021-02-28 19:10:00 +0100 |
| commit | eb770fdc6d809bc7c28d499f897c0ab2c449f669 (patch) | |
| tree | 986bb277c33cea343b16071533d46598e9d91515 /application | |
| parent | 324628c27ca82e89d5e3a85034127835d29dd9fc (diff) | |
Initial implementation of samesite for CI_Input::set_cookie
Diffstat (limited to 'application')
| -rw-r--r-- | application/config/config.php | 2 |
1 files changed, 2 insertions, 0 deletions
diff --git a/application/config/config.php b/application/config/config.php index f92d11f5d..4ffd83352 100644 --- a/application/config/config.php +++ b/application/config/config.php @@ -385,6 +385,7 @@ $config['sess_regenerate_destroy'] = FALSE; | 'cookie_path' = Typically will be a forward slash | 'cookie_secure' = Cookie will only be set if a secure HTTPS connection exists. | 'cookie_httponly' = Cookie will only be accessible via HTTP(S) (no javascript) +| 'cookie_samesite' = Cookie's samesite attribute (Lax, Strict or None) | | Note: These settings (with the exception of 'cookie_prefix' and | 'cookie_httponly') will also affect sessions. @@ -395,6 +396,7 @@ $config['cookie_domain'] = ''; $config['cookie_path'] = '/'; $config['cookie_secure'] = FALSE; $config['cookie_httponly'] = FALSE; +$config['cookie_samesite'] = 'lax'; /* |-------------------------------------------------------------------------- |