diff options
| author | Nikita Popov <nikita.ppv@gmail.com> | 2020-03-18 16:00:05 +0100 |
|---|---|---|
| committer | Nikita Popov <nikita.ppv@gmail.com> | 2020-03-18 16:00:05 +0100 |
| commit | 10bf541fd9eb7b42503459065a0474b6f0e37a7b (patch) | |
| tree | 7d0a0720ee685ac5fdb016beed7a5bede90bd490 /php.ini-development | |
| parent | ba6834fa574495d0f31be10b74bd7cfd4ef054e5 (diff) | |
| parent | c00cce3229515eacdb1680f39132ed3ca09cc205 (diff) | |
| download | php-git-10bf541fd9eb7b42503459065a0474b6f0e37a7b.tar.gz | |
Merge branch 'PHP-7.3' into PHP-7.4
* PHP-7.3:
Clarify session.cookie_samesite="None"
Diffstat (limited to 'php.ini-development')
| -rw-r--r-- | php.ini-development | 3 |
1 files changed, 2 insertions, 1 deletions
diff --git a/php.ini-development b/php.ini-development index a9d5c9b70e..2c39ece23c 100644 --- a/php.ini-development +++ b/php.ini-development @@ -1386,7 +1386,8 @@ session.cookie_domain = session.cookie_httponly = ; Add SameSite attribute to cookie to help mitigate Cross-Site Request Forgery (CSRF/XSRF) -; Current valid values are "Lax" or "Strict" +; Current valid values are "Strict", "Lax" or "None". When using "None", +; make sure to include the quotes, as `none` is interpreted like `false` in ini files. ; https://tools.ietf.org/html/draft-west-first-party-cookies-07 session.cookie_samesite = |