diff options
author | Remi Collet <remi@remirepo.net> | 2020-03-31 16:33:02 +0200 |
---|---|---|
committer | Remi Collet <remi@remirepo.net> | 2020-03-31 16:33:02 +0200 |
commit | c0aac3bcea505ee430933867c00b91d44c4c0006 (patch) | |
tree | c94715bf5f2aa1eceaa6101b48242bc515077cb1 | |
parent | 5451ca30bfd6e546cb44f1839d58d1f20e52250c (diff) |
refresh php.ini from upstream
-rw-r--r-- | php.ini | 7 |
1 files changed, 4 insertions, 3 deletions
@@ -1322,7 +1322,8 @@ session.cookie_domain = session.cookie_httponly = ; Add SameSite attribute to cookie to help mitigate Cross-Site Request Forgery (CSRF/XSRF) -; Current valid values are "Lax" or "Strict" +; Current valid values are "Strict", "Lax" or "None". When using "None", +; make sure to include the quotes, as `none` is interpreted like `false` in ini files. ; https://tools.ietf.org/html/draft-west-first-party-cookies-07 session.cookie_samesite = @@ -1365,8 +1366,8 @@ session.gc_maxlifetime = 1440 ; (see session.save_path above), then garbage collection does *not* ; happen automatically. You will need to do your own garbage ; collection through a shell script, cron entry, or some other method. -; For example, the following script would is the equivalent of -; setting session.gc_maxlifetime to 1440 (1440 seconds = 24 minutes): +; For example, the following script is the equivalent of setting +; session.gc_maxlifetime to 1440 (1440 seconds = 24 minutes): ; find /path/to/sessions -cmin +24 -type f | xargs rm ; Check HTTP Referer to invalidate externally stored URLs containing ids. |