Skip to content

Commit

Permalink
secure connexion in session cookie if https close #126
Browse files Browse the repository at this point in the history
the cookie secure setting is set according to the secure param in the Config
Which is defined at install time, default to true.
  • Loading branch information
vincent-peugnet committed Jan 3, 2024
1 parent b785b88 commit 002ee0c
Show file tree
Hide file tree
Showing 2 changed files with 3 additions and 2 deletions.
2 changes: 1 addition & 1 deletion app/class/Config.php
Original file line number Diff line number Diff line change
Expand Up @@ -163,7 +163,7 @@ public static function domain()
return self::$domain;
}

public static function issecure()
public static function issecure(): bool
{
return self::$secure;
}
Expand Down
3 changes: 2 additions & 1 deletion index.php
Original file line number Diff line number Diff line change
Expand Up @@ -13,7 +13,8 @@

session_set_cookie_params([
'path' => '/' . Wcms\Config::basepath(),
'samesite' => 'Strict'
'samesite' => 'Strict',
'secure' => Wcms\Config::issecure()
]);
session_start();

Expand Down

0 comments on commit 002ee0c

Please sign in to comment.