Skip to content
Snippets Groups Projects
Commit 07dbd3da authored by Tim van Dijen's avatar Tim van Dijen
Browse files

Secure cookies by default

parent 87c24c36
Branches
Tags
No related merge requests found
Hide whitespace changes
Inline Side-by-side
config-templates/config.php
+ 2
2
View file @ 07dbd3da
...@@ -553,7 +553,7 @@ $config = [ ...@@ -553,7 +553,7 @@ $config = [
* through https. If the user can access the service through * through https. If the user can access the service through
* both http and https, this must be set to FALSE. * both http and https, this must be set to FALSE.
*/ */
'session.cookie.secure' => false, 'session.cookie.secure' => true,
/* /*
* Set the SameSite attribute in the cookie. * Set the SameSite attribute in the cookie.
...@@ -790,7 +790,7 @@ $config = [ ...@@ -790,7 +790,7 @@ $config = [
'language.cookie.name' => 'language', 'language.cookie.name' => 'language',
'language.cookie.domain' => null, 'language.cookie.domain' => null,
'language.cookie.path' => '/', 'language.cookie.path' => '/',
'language.cookie.secure' => false, 'language.cookie.secure' => true,
'language.cookie.httponly' => false, 'language.cookie.httponly' => false,
'language.cookie.lifetime' => (60 * 60 * 24 * 900), 'language.cookie.lifetime' => (60 * 60 * 24 * 900),
'language.cookie.samesite' => $httpUtils->canSetSameSiteNone() ? 'None' : null, 'language.cookie.samesite' => $httpUtils->canSetSameSiteNone() ? 'None' : null,
......
0% or .
You are about to add 0 people to the discussion. Proceed with caution.
Please register or to comment