From 5a224ee0c92d1639395d6a0c629316ae64226125 Mon Sep 17 00:00:00 2001
From: xXx-caillou-xXx
Date: Fri, 24 Nov 2017 14:03:37 +0100
Subject: Implement anti csrf measures

This is done by using the "samesite" cookie attribute.---
 src/sp_cookie_encryption.h | 2 ++
 1 file changed, 2 insertions(+)

(limited to 'src/sp_cookie_encryption.h')

diff --git a/src/sp_cookie_encryption.h b/src/sp_cookie_encryption.h
index 9904738..889a89c 100644
--- a/src/sp_cookie_encryption.h
+++ b/src/sp_cookie_encryption.h
@@ -11,6 +11,8 @@
 #include "ext/hash/php_hash_sha.h"
 #include "ext/standard/base64.h"
 
+#define SAMESITE_COOKIE_FORMAT "; samesite="
+
 int hook_cookies();
 int decrypt_cookie(zval *pDest, int num_args, va_list args, zend_hash_key *hash_key);
 
-- 
cgit v1.3