Rev 1316 | Rev 1345 | Go to most recent revision | Show entire file | Regard whitespace | Details | Blame | Last modification | View Log | RSS feed
Rev 1316 | Rev 1344 | ||
---|---|---|---|
Line 454... | Line 454... | ||
454 | However, OIDplus itself provides an Anti-CSRF mechanism, so you should be |
454 | However, OIDplus itself provides an Anti-CSRF mechanism, so you should be |
455 | still safe. |
455 | still safe. |
456 | 456 | ||
457 | ### COOKIE_DOMAIN |
457 | ### COOKIE_DOMAIN |
458 | 458 | ||
459 | OIDplus::baseConfig()->setValue('COOKIE_DOMAIN', ''); |
459 | OIDplus::baseConfig()->setValue('COOKIE_DOMAIN', '(auto)'); |
460 | 460 | ||
461 | Can be used to increase security by setting an explicit domain-name in the cookies. |
461 | Can be used to increase security by setting an explicit domain-name in the cookies. |
462 | Set to '' (empty string) to allow all (sub)domains. |
462 | Set to '' (empty string) to allow all (sub)domains. |
463 | Set to '(auto)' to automatically detect the domain based on the absolute canonical path. |
463 | Set to '(auto)' to automatically detect the domain based on the absolute canonical path. |
464 | 464 | ||
465 | ### COOKIE_PATH |
465 | ### COOKIE_PATH |
466 | 466 | ||
467 | OIDplus::baseConfig()->setValue('COOKIE_PATH', '/'); |
467 | OIDplus::baseConfig()->setValue('COOKIE_PATH', '(auto)); |
468 | 468 | ||
469 | Can be used to increase security by setting an explicit pathname in the cookies. |
469 | Can be used to increase security by setting an explicit pathname in the cookies. |
470 | Set to '/' to allow all paths. |
470 | Set to '/' to allow all paths. |
471 | Set to '(auto)' to automatically detect the path based on the absolute canonical path. |
471 | Set to '(auto)' to automatically detect the path based on the absolute canonical path. |
472 | Note: If supported, you can use Apache's "ProxyPassReverseCookiePath" to translate |
472 | Note: If supported, you can use Apache's "ProxyPassReverseCookiePath" to translate |