| 236,6 → 236,18 |
|---|
| However, OIDplus itself provides an Anti-CSRF mechanism, so you should be |
| still safe. |
| |
| OIDplus::baseConfig()->setValue('COOKIE_DOMAIN', ''); |
| Can be used to increase security by setting an explicit domain-name in the cookies. |
| Set to '' (empty string) to allow all (sub)domains. |
| Set to '(auto)' to automatically detect the domain based on the absolute canonical path. |
| |
| OIDplus::baseConfig()->setValue('COOKIE_PATH', '/'); |
| Can be used to increase security by setting an explicit pathname in the cookies. |
| Set to '/' to allow all paths. |
| Set to '(auto)' to automatically detect the path based on the absolute canonical path. |
| Note: If supported, you can use Apache's "ProxyPassReverseCookiePath" to translate |
| the cookie path in a reverse-proxy setting. |
| |
| OIDplus::baseConfig()->getValue('RA_PASSWORD_PEPPER', ''); |
| The pepper is stored inside the base configuration file |
| It prevents that an attacker with SQL write rights can |