-
Notifications
You must be signed in to change notification settings - Fork 89
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
Cookies #278
Comments
Merged
Hi, LibreX is no longer maintained, but I've submitted a patch on its fork, LibreY Ahwxorg#150 Let me know if there are any problems with my implementation |
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
when we save any custom settings cookies are created but would be better creating safe cookies
there is a peace of the improved code to generate safe cookies
file "settings.php":
if (isset($_REQUEST["save"])) {
foreach($_POST as $key=>$value) {
if (!empty($value)) {
// Set additional flags for cookie security
setcookie($key, $value, [
'expires' => time() + (86400 * 90),
'path' => '/',
'domain' => '',
'secure' => true, // Ensure cookies are only sent over HTTPS
'httponly' => true, // Prevent client-side JavaScript access to cookies
'samesite' => 'Strict' // Strict SameSite policy for better protection against CSRF attacks
]);
} else {
// If value is empty, delete the cookie
setcookie($key, "", time() - 1000);
}
}
}
The text was updated successfully, but these errors were encountered: