summaryrefslogtreecommitdiffstats
diff options
context:
space:
mode:
-rw-r--r--system/libraries/Session/Session.php2
1 files changed, 1 insertions, 1 deletions
diff --git a/system/libraries/Session/Session.php b/system/libraries/Session/Session.php
index 9d4561616..8d3ba2857 100644
--- a/system/libraries/Session/Session.php
+++ b/system/libraries/Session/Session.php
@@ -336,7 +336,7 @@ class CI_Session {
{
session_set_cookie_params(
$params['cookie_lifetime'],
- $params['cookie_path'],
+ $params['cookie_path'].'; SameSite='.$params['cookie_samesite'],
$params['cookie_domain'],
$params['cookie_secure'],
TRUE // HttpOnly; Yes, this is intentional and not configurable for security reasons