Use SameSite on PHP's session cookie in the default rules

author: jvoisin 2018-07-23 14:19:15 +0200
committer: jvoisin 2018-07-23 14:19:15 +0200
commit: 81849ac95837d343064a4989eb8d00a87bf02b2d (patch)
tree: 1f640df14bf05e7fbba8b05c6968c5a0d1dfda86
parent: 750d417412323758871be0c9c43ff65a31071cc4 (diff)
1 files changed, 3 insertions, 0 deletions
diff --git a/config/default.rules b/config/default.rules
index a21a6cf..b16434f 100644
--- a/config/default.rules
+++ b/config/default.rules
@@ -4,6 +4,9 @@ sp.harden_random.enable();
 # Disabled XXE
 sp.disable_xxe.enable();
+# use SameSite on session cookie
+sp.cookie.name("PHPSESSID").samesite("lax");
 # Harden the `chmod` function
 sp.disable_function.function("chmod").param("mode").value_r("^[0-9]{2}[67]$").drop();
author	jvoisin	2018-07-23 14:19:15 +0200
committer	jvoisin	2018-07-23 14:19:15 +0200
commit	81849ac95837d343064a4989eb8d00a87bf02b2d (patch)
tree	1f640df14bf05e7fbba8b05c6968c5a0d1dfda86
parent	750d417412323758871be0c9c43ff65a31071cc4 (diff)

diff --git a/config/default.rules b/config/default.rules index a21a6cf..b16434f 100644 --- a/config/default.rules +++ b/config/default.rules
@@ -4,6 +4,9 @@ sp.harden_random.enable();
4	# Disabled XXE	4	# Disabled XXE
5	sp.disable_xxe.enable();	5	sp.disable_xxe.enable();
6		6
		7	# use SameSite on session cookie
		8	sp.cookie.name("PHPSESSID").samesite("lax");
		9
7	# Harden the `chmod` function	10	# Harden the `chmod` function
8	sp.disable_function.function("chmod").param("mode").value_r("^[0-9]{2}[67]$").drop();	11	sp.disable_function.function("chmod").param("mode").value_r("^[0-9]{2}[67]$").drop();
9		12