Commit a8078539 authored by Benjamin Rousselière's avatar Benjamin Rousselière
Browse files

feat/13799 : add 'httpOnly' attribute to CSRF cookie

parent 8d312fa3
Pipeline #8116 failed with stage
......@@ -128,7 +128,7 @@ class csrf
$responseToken = $this->getLastToken($accountTokens);
\laabs::setToken($this->config["cookieName"], $responseToken, null, false);
\laabs::setToken($this->config["cookieName"], $responseToken, null, true);
}
/**
......
Supports Markdown
0% or .
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment