diff options
author | Nikita Popov <nikita.ppv@gmail.com> | 2020-03-18 15:59:30 +0100 |
---|---|---|
committer | Nikita Popov <nikita.ppv@gmail.com> | 2020-03-18 15:59:30 +0100 |
commit | c00cce3229515eacdb1680f39132ed3ca09cc205 (patch) | |
tree | 1264ddde6221f871954e97ee672522111ae26063 | |
parent | b114e3d953bb1d27d3686d3dc2274f4f5b9154fe (diff) | |
download | php-git-c00cce3229515eacdb1680f39132ed3ca09cc205.tar.gz |
Clarify session.cookie_samesite="None"
-rw-r--r-- | php.ini-development | 3 | ||||
-rw-r--r-- | php.ini-production | 3 |
2 files changed, 4 insertions, 2 deletions
diff --git a/php.ini-development b/php.ini-development index c365201809..b8ed4fb094 100644 --- a/php.ini-development +++ b/php.ini-development @@ -1413,7 +1413,8 @@ session.cookie_domain = session.cookie_httponly = ; Add SameSite attribute to cookie to help mitigate Cross-Site Request Forgery (CSRF/XSRF) -; Current valid values are "Lax" or "Strict" +; Current valid values are "Strict", "Lax" or "None". When using "None", +; make sure to include the quotes, as `none` is interpreted like `false` in ini files. ; https://tools.ietf.org/html/draft-west-first-party-cookies-07 session.cookie_samesite = diff --git a/php.ini-production b/php.ini-production index 5a68647eca..ee1ff0731d 100644 --- a/php.ini-production +++ b/php.ini-production @@ -1415,7 +1415,8 @@ session.cookie_domain = session.cookie_httponly = ; Add SameSite attribute to cookie to help mitigate Cross-Site Request Forgery (CSRF/XSRF) -; Current valid values are "Lax" or "Strict" +; Current valid values are "Strict", "Lax" or "None". When using "None", +; make sure to include the quotes, as `none` is interpreted like `false` in ini files. ; https://tools.ietf.org/html/draft-west-first-party-cookies-07 session.cookie_samesite = |