Merge pull request #253 from wrongecho/cookie

Set PHP session cookie to be httponly
2026-05-19 09:18:20 +00:00 · 2022-01-07 14:28:17 -05:00
parent 5d27a1717b 6609e5065a
commit 1df39836fd
1 changed files with 3 additions and 0 deletions
--- a/login.php
+++ b/login.php
@@ -16,6 +16,9 @@ $browser = strip_tags(mysqli_real_escape_string($mysqli,get_web_browser()));

 $user_agent = "$os - $browser";

+// HTTP Only cookies
+ini_set("session.cookie_httponly", True);
+
 session_start();

 if(isset($_POST['login'])){