ivo/ponzi
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

🔧 🔧 Reduce discoverability of session cookie name.

Browse Source 
Derives session.cookie from SESSION_COOKIE, falling back to (snake_cased) APP_NAME . '_session', falling back to 'laravel_session' (current) in order to make it less discoverable, thereby (slightly) reducing threat vector.
This commit is contained in:
Yitzchok Willroth
2017-06-29 12:09:59 -04:00
parent d5bf06589f
commit a7f2c060b2
1 changed files with 1 additions and 1 deletions
Download Patch File Download Diff File Expand all files Collapse all files

2
config/session.php
View File

@@ -122,7 +122,7 @@ return [
|
*/
'cookie' => 'laravel_session',
'cookie' => env('SESSION_COOKIE', snake_case(env('APP_NAME', 'laravel')).'_session'),
/*
|--------------------------------------------------------------------------