maketank/Froxlor
2
0
Fork 0
Code Pull Requests Releases Activity

correctly secure session-cookie

Browse Source 
Signed-off-by: Michael Kaufmann <d00p@froxlor.org>
This commit is contained in:
Michael Kaufmann
2022-03-14 23:08:11 +01:00
parent 164b46ece3
commit af6b5f0ec5
1 changed files with 7 additions and 3 deletions
Download Patch File Download Diff File Expand all files Collapse all files

10
lib/Froxlor/UI/Panel/UI.php
View File

@@ -67,9 +67,13 @@ class UI
|| strcasecmp('https', $isHttps) == 0 || strcasecmp('https', $isHttps) == 0
); );
ini_set("url_rewriter.tags", ""); session_set_cookie_params([
ini_set("session.cookie_httponly", true); 'path' => '/',
ini_set("session.cookie_secure", $isHttps); 'domain' => $_SERVER['HTTP_HOST'],
'secure' => $isHttps,
'httponly' => true,
'samesite' => 'Strict'
]);
session_start(); session_start();
header("Content-Type: text/html; charset=UTF-8"); header("Content-Type: text/html; charset=UTF-8");