ivo/ponzi
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

Added http_only option to session configuration.

Browse Source
This commit is contained in:
Taylor Otwell
2011-07-22 08:00:14 -07:00
parent d6e1d5424d
commit db45be960f
1 changed files with 16 additions and 1 deletions
Download Patch File Download Diff File Expand all files Collapse all files

17
application/config/session.php
View File

@@ -16,7 +16,7 @@ return array(
|
*/
'driver' => '',
'driver' => 'file',
/*
|--------------------------------------------------------------------------
@@ -86,4 +86,19 @@ return array(
'https' => false,
/*
|--------------------------------------------------------------------------
| HTTP Only Session Cookie
|--------------------------------------------------------------------------
|
| Should the session cookie only be accessible over HTTP?
|
| Note: The intention of the "HTTP Only" option is to keep cookies from
| being accessed by client-side scripting languages. However, this
| setting should not be viewed as providing total XSS protection.
|
*/
'http_only' => false,
);