From ff96408574d66ce31503fa9df9d6ba86c8418c89 Mon Sep 17 00:00:00 2001
From: Dimas <dimasfaid@gmail.com>
Date: Fri, 17 Nov 2023 01:39:56 +0700
Subject: [PATCH] Change session cookies flag

---
 config/php.ini | 6 +++---
 1 file changed, 3 insertions(+), 3 deletions(-)

diff --git a/config/php.ini b/config/php.ini
index 72f40ea..086f748 100644
--- a/config/php.ini
+++ b/config/php.ini
@@ -1368,7 +1368,7 @@ session.use_strict_mode = 0
 session.use_cookies = 1
 
 ; https://php.net/session.cookie-secure
-;session.cookie_secure =
+session.cookie_secure = 1
 
 ; This option forces PHP to fetch and use a cookie for storing and maintaining
 ; the session id. We encourage this operation as it's very helpful in combating
@@ -1400,13 +1400,13 @@ session.cookie_domain =
 ; Whether or not to add the httpOnly flag to the cookie, which makes it
 ; inaccessible to browser scripting languages such as JavaScript.
 ; https://php.net/session.cookie-httponly
-session.cookie_httponly =
+session.cookie_httponly = 1
 
 ; Add SameSite attribute to cookie to help mitigate Cross-Site Request Forgery (CSRF/XSRF)
 ; Current valid values are "Strict", "Lax" or "None". When using "None",
 ; make sure to include the quotes, as `none` is interpreted like `false` in ini files.
 ; https://tools.ietf.org/html/draft-west-first-party-cookies-07
-session.cookie_samesite =
+session.cookie_samesite = "Strict"
 
 ; Handler used to serialize data. php is the standard serializer of PHP.
 ; https://php.net/session.serialize-handler
-- 
GitLab