mirror/webgui
1
0
Fork 0
mirror of https://github.com/unraid/webgui.git synced 2026-04-22 18:19:14 -05:00
Code Issues Packages Projects Releases Wiki Activity

Use samesite=strict for the login session cookie

Browse Source
This commit is contained in:
Eric Schultz
2019-09-16 03:00:34 -05:00
parent dda07223a1
commit 655b3ed883
2 changed files with 2 additions and 2 deletions
Download Patch File Download Diff File Expand all files Collapse all files
login.php
+1 -1
View File
@@ -1,6 +1,6 @@
<?php
session_name("unraid_".md5(strstr($_SERVER['HTTP_HOST'].':', ':', true)));
session_set_cookie_params(0, '/', null, array_key_exists('HTTPS', $_SERVER), true);
session_set_cookie_params(0, '/; samesite=strict', null, array_key_exists('HTTPS', $_SERVER), true);
session_start();
$docroot = $docroot ?? $_SERVER['DOCUMENT_ROOT'] ?: '/usr/local/emhttp';