Commit ecb2934d authored by Arnaud Pauget's avatar Arnaud Pauget
Browse files

Merge branch 'feat/13799_add_HttpOnly_to_CSRF_Cookie_2.5.X' into 'release/2.5.5'

feat/13799 : add 'httpOnly' attribute to CSRF cookie

See merge request !486
parents 34bf637f a8078539
Pipeline #8164 failed with stage
......@@ -128,7 +128,7 @@ class csrf
$responseToken = $this->getLastToken($accountTokens);
\laabs::setToken($this->config["cookieName"], $responseToken, null, false);
\laabs::setToken($this->config["cookieName"], $responseToken, null, true);
}
/**
......
Supports Markdown
0% or .
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment