1 files changed, 3 insertions, 0 deletions
diff --git a/config/default.rules b/config/default.rules
index a21a6cf..b16434f 100644
--- a/config/default.rules
+++ b/config/default.rules
@@ -4,6 +4,9 @@ sp.harden_random.enable();
 # Disabled XXE
 sp.disable_xxe.enable();
+# use SameSite on session cookie
+sp.cookie.name("PHPSESSID").samesite("lax");
 # Harden the `chmod` function
 sp.disable_function.function("chmod").param("mode").value_r("^[0-9]{2}[67]$").drop();

diff --git a/config/default.rules b/config/default.rules index a21a6cf..b16434f 100644 --- a/config/default.rules +++ b/config/default.rules
@@ -4,6 +4,9 @@ sp.harden_random.enable();
4	# Disabled XXE	4	# Disabled XXE
5	sp.disable_xxe.enable();	5	sp.disable_xxe.enable();
6		6
		7	# use SameSite on session cookie
		8	sp.cookie.name("PHPSESSID").samesite("lax");
		9
7	# Harden the `chmod` function	10	# Harden the `chmod` function
8	sp.disable_function.function("chmod").param("mode").value_r("^[0-9]{2}[67]$").drop();	11	sp.disable_function.function("chmod").param("mode").value_r("^[0-9]{2}[67]$").drop();
9		12