refresh php.ini from upstream

author: Remi Collet <remi@remirepo.net> 2020-03-31 16:32:39 +0200
committer: Remi Collet <remi@remirepo.net> 2020-03-31 16:32:39 +0200
commit: a6691a7e22ef8a0de7e63ca4192eee7db15c8bf0 (patch)
tree: b780d427b1cccb4fbdb472301cf1b4e77faf4aa6
parent: 60dc93db54c506b9fa0b1d6d2b33249602bc29a5 (diff)
1 files changed, 4 insertions, 3 deletions
diff --git a/php.ini b/php.ini
index d52aeaa..ebad37a 100644
--- a/php.ini
+++ b/php.ini
@@ -1322,7 +1322,8 @@ session.cookie_domain =
 session.cookie_httponly =
 
 ; Add SameSite attribute to cookie to help mitigate Cross-Site Request Forgery (CSRF/XSRF)
-; Current valid values are "Lax" or "Strict"
+; Current valid values are "Strict", "Lax" or "None". When using "None",
+; make sure to include the quotes, as `none` is interpreted like `false` in ini files.
 ; https://tools.ietf.org/html/draft-west-first-party-cookies-07
 session.cookie_samesite =
 
@@ -1365,8 +1366,8 @@ session.gc_maxlifetime = 1440
 ;       (see session.save_path above), then garbage collection does *not*
 ;       happen automatically.  You will need to do your own garbage
 ;       collection through a shell script, cron entry, or some other method.
-;       For example, the following script would is the equivalent of
-;       setting session.gc_maxlifetime to 1440 (1440 seconds = 24 minutes):
+;       For example, the following script is the equivalent of setting
+;       session.gc_maxlifetime to 1440 (1440 seconds = 24 minutes):
 ;          find /path/to/sessions -cmin +24 -type f | xargs rm
 
 ; Check HTTP Referer to invalidate externally stored URLs containing ids.
author	Remi Collet <remi@remirepo.net>	2020-03-31 16:32:39 +0200
committer	Remi Collet <remi@remirepo.net>	2020-03-31 16:32:39 +0200
commit	a6691a7e22ef8a0de7e63ca4192eee7db15c8bf0 (patch)
tree	b780d427b1cccb4fbdb472301cf1b4e77faf4aa6
parent	60dc93db54c506b9fa0b1d6d2b33249602bc29a5 (diff)