summaryrefslogtreecommitdiffstats
path: root/php.ini
diff options
context:
space:
mode:
Diffstat (limited to 'php.ini')
-rw-r--r--php.ini23
1 files changed, 14 insertions, 9 deletions
diff --git a/php.ini b/php.ini
index 1d8e01a..b4724bb 100644
--- a/php.ini
+++ b/php.ini
@@ -613,6 +613,12 @@ ignore_repeated_source = Off
; Production Value: On
;fatal_error_backtraces = On
+; This directive controls whether PHP will print the actual arguments of a
+; function upon an error. If this is off (or there was an error fetching the
+; arguments), the function providing the error may optionally provide some
+; additional information after the problem function's name.
+;error_include_args = Off
+
;;;;;;;;;;;;;;;;;
; Data Handling ;
;;;;;;;;;;;;;;;;;
@@ -809,10 +815,10 @@ enable_dl = Off
;fastcgi.impersonate = 1
; Prevent decoding of SCRIPT_FILENAME when using Apache ProxyPass or
-; ProxyPassMatch. This should only be used if script file paths are already
-; stored in an encoded format on the file system.
-; Default is 0.
-;fastcgi.script_path_encoded = 1
+; ProxyPassMatch. This should be used if script file paths are not stored
+; in an encoded format on the file system.
+; Default is 1.
+;fastcgi.script_path_encoded = 0
; Disable logging through FastCGI connection. PHP's default behavior is to enable
; this feature.
@@ -1265,10 +1271,9 @@ session.save_handler = files
; Strict session mode does not accept an uninitialized session ID, and
; regenerates the session ID if the browser sends an uninitialized session ID.
; Strict mode protects applications from session fixation via a session adoption
-; vulnerability. It is disabled by default for maximum compatibility, but
-; enabling it is encouraged.
+; vulnerability.
; https://wiki.php.net/rfc/strict_sessions
-session.use_strict_mode = 0
+session.use_strict_mode = 1
; Whether to use cookies.
; https://php.net/session.use-cookies
@@ -1310,13 +1315,13 @@ session.cookie_domain =
; Whether or not to add the httpOnly flag to the cookie, which makes it
; inaccessible to browser scripting languages such as JavaScript.
; https://php.net/session.cookie-httponly
-session.cookie_httponly =
+session.cookie_httponly = 1
; Add SameSite attribute to cookie to help mitigate Cross-Site Request Forgery (CSRF/XSRF)
; Current valid values are "Strict", "Lax" or "None". When using "None",
; make sure to include the quotes, as `none` is interpreted like `false` in ini files.
; https://tools.ietf.org/html/draft-west-first-party-cookies-07
-session.cookie_samesite =
+session.cookie_samesite = "Lax"
; Handler used to serialize data. php is the standard serializer of PHP.
; https://php.net/session.serialize-handler