feat/13799 : add 'httpOnly' attribute to CSRF cookie

a8078539 · Benjamin Rousselière · 8d312fa3 · a8078539
Commit a8078539 authored May 05, 2020 by Benjamin Rousselière
--- a/src/presentation/maarchRM/Observer/csrf.php
+++ b/src/presentation/maarchRM/Observer/csrf.php
@@ -128,7 +128,7 @@ class csrf
        
        $responseToken = $this->getLastToken($accountTokens);
        
-        \laabs::setToken($this->config["cookieName"], $responseToken, null, false);
+        \laabs::setToken($this->config["cookieName"], $responseToken, null, true);
    }

    /**