From 4362b7d9f39189472950589ce47a483b6025f5e9 Mon Sep 17 00:00:00 2001
From: Andrey Andreev <narf@devilix.net>
Date: Wed, 5 Jan 2022 17:52:40 +0200
Subject: Merge pull request #6025 from gxgpet/develop

SameSite attribute implementation for CI_Input::set_cookie
---
 application/config/config.php | 2 ++
 1 file changed, 2 insertions(+)

(limited to 'application/config')

diff --git a/application/config/config.php b/application/config/config.php
index 9ab8248e3..161b95699 100644
--- a/application/config/config.php
+++ b/application/config/config.php
@@ -397,6 +397,7 @@ $config['sess_regenerate_destroy'] = FALSE;
 | 'cookie_path'     = Typically will be a forward slash
 | 'cookie_secure'   = Cookie will only be set if a secure HTTPS connection exists.
 | 'cookie_httponly' = Cookie will only be accessible via HTTP(S) (no javascript)
+| 'cookie_samesite' = Cookie's samesite attribute (Lax, Strict or None)
 |
 | Note: These settings (with the exception of 'cookie_prefix' and
 |       'cookie_httponly') will also affect sessions.
@@ -407,6 +408,7 @@ $config['cookie_domain']	= '';
 $config['cookie_path']		= '/';
 $config['cookie_secure']	= FALSE;
 $config['cookie_httponly'] 	= FALSE;
+$config['cookie_samesite'] 	= 'Lax';
 
 /*
 |--------------------------------------------------------------------------
-- 
cgit v1.2.3-24-g4f1b