hazza/Phraseanet
1
0
Fork 0
mirror of https://github.com/alchemy-fr/Phraseanet.git synced 2025-10-11 03:53:13 +00:00
Code Issues Packages Projects Releases Wiki Activity

PHRAS-3859 increase security with headers (#4325)

Browse Source 
* fix port value on nginx proxy case

* increase security using headers

* PHRAS-3859 add security set cookie httponly
This commit is contained in:
moctardiouf
2023-06-26 10:51:45 +02:00
committed by GitHub
parent 71d725e4a0
commit 1215f82c30
3 changed files with 8 additions and 4 deletions
Download Patch File Download Diff File Expand all files Collapse all files

5
docker/phraseanet/php.ini.sample
View File

@@ -1330,6 +1330,9 @@ session.save_handler = $SESSION_SAVE_HANDLER
; http://php.net/session.save-path
session.save_path = $SESSION_SAVE_PATH
session.hash_bits_per_character = 6
session.hash_function = 1
; Whether to use strict session mode.
; Strict session mode does not accept uninitialized session ID and regenerate
; session ID if browser sends uninitialized session ID. Strict mode protects
@@ -1374,7 +1377,7 @@ session.cookie_domain =
; Whether or not to add the httpOnly flag to the cookie, which makes it inaccessible to browser scripting languages such as JavaScript.
; http://php.net/session.cookie-httponly
session.cookie_httponly =
session.cookie_httponly = 1
; Handler used to serialize data. php is the standard serializer of PHP.
; http://php.net/session.serialize-handler