Added http_only configuration item to session cookie.
This commit is contained in:
parent
db45be960f
commit
ca97abe77f
|
@ -198,7 +198,7 @@ public static function close()
|
||||||
{
|
{
|
||||||
$minutes = (Config::get('session.expire_on_close')) ? 0 : Config::get('session.lifetime');
|
$minutes = (Config::get('session.expire_on_close')) ? 0 : Config::get('session.lifetime');
|
||||||
|
|
||||||
Cookie::put('laravel_session', static::$session['id'], $minutes, Config::get('session.path'), Config::get('session.domain'), Config::get('session.https'));
|
Cookie::put('laravel_session', static::$session['id'], $minutes, Config::get('session.path'), Config::get('session.domain'), Config::get('session.https'), Config::get('session.http_only'));
|
||||||
}
|
}
|
||||||
|
|
||||||
// 2% chance of performing session garbage collection...
|
// 2% chance of performing session garbage collection...
|
||||||
|
|
Loading…
Reference in New Issue