Rev 1316 | Rev 1345 | Go to most recent revision | Show entire file | Regard whitespace | Details | Blame | Last modification | View Log | RSS feed
| Rev 1316 | Rev 1344 | ||
|---|---|---|---|
| Line 454... | Line 454... | ||
| 454 | However, OIDplus itself provides an Anti-CSRF mechanism, so you should be |
454 | However, OIDplus itself provides an Anti-CSRF mechanism, so you should be |
| 455 | still safe. |
455 | still safe. |
| 456 | 456 | ||
| 457 | ### COOKIE_DOMAIN |
457 | ### COOKIE_DOMAIN |
| 458 | 458 | ||
| 459 | OIDplus::baseConfig()->setValue('COOKIE_DOMAIN', ''); |
459 | OIDplus::baseConfig()->setValue('COOKIE_DOMAIN', '(auto)'); |
| 460 | 460 | ||
| 461 | Can be used to increase security by setting an explicit domain-name in the cookies. |
461 | Can be used to increase security by setting an explicit domain-name in the cookies. |
| 462 | Set to '' (empty string) to allow all (sub)domains. |
462 | Set to '' (empty string) to allow all (sub)domains. |
| 463 | Set to '(auto)' to automatically detect the domain based on the absolute canonical path. |
463 | Set to '(auto)' to automatically detect the domain based on the absolute canonical path. |
| 464 | 464 | ||
| 465 | ### COOKIE_PATH |
465 | ### COOKIE_PATH |
| 466 | 466 | ||
| 467 | OIDplus::baseConfig()->setValue('COOKIE_PATH', '/'); |
467 | OIDplus::baseConfig()->setValue('COOKIE_PATH', '(auto)); |
| 468 | 468 | ||
| 469 | Can be used to increase security by setting an explicit pathname in the cookies. |
469 | Can be used to increase security by setting an explicit pathname in the cookies. |
| 470 | Set to '/' to allow all paths. |
470 | Set to '/' to allow all paths. |
| 471 | Set to '(auto)' to automatically detect the path based on the absolute canonical path. |
471 | Set to '(auto)' to automatically detect the path based on the absolute canonical path. |
| 472 | Note: If supported, you can use Apache's "ProxyPassReverseCookiePath" to translate |
472 | Note: If supported, you can use Apache's "ProxyPassReverseCookiePath" to translate |