From 9d14fe2d7eab3bcb3ae582848ee91f24800cceda Mon Sep 17 00:00:00 2001
From: mzaalan <mzaalan@gmail.com>
Date: Mon, 21 Mar 2016 14:12:38 +0200
Subject: [PATCH] Set HttpOnly flag

---
 config/session.php | 1 +
 1 file changed, 1 insertion(+)

diff --git a/config/session.php b/config/session.php
index f1b00421..fbe8084d 100644
--- a/config/session.php
+++ b/config/session.php
@@ -149,5 +149,6 @@
     */
 
     'secure' => false,
+    'http_only' => true,
 
 ];