Rev 502 | Go to most recent revision | Show entire file | Regard whitespace | Details | Blame | Last modification | View Log | RSS feed
| Rev 502 | Rev 557 | ||
|---|---|---|---|
| Line 236... | Line 236... | ||
| 236 | It is recommended to disable this switch in productive systems, |
236 | It is recommended to disable this switch in productive systems, |
| 237 | because the self-tests decrease the performance. |
237 | because the self-tests decrease the performance. |
| 238 | However, after installing a new plugin, you might want to enable |
238 | However, after installing a new plugin, you might want to enable |
| 239 | it for a few minutes, to make sure the plugin is working correctly. |
239 | it for a few minutes, to make sure the plugin is working correctly. |
| 240 | 240 | ||
| - | 241 | OIDplus::baseConfig()->setValue('COOKIE_SAMESITE_POLICY', 'Strict'); |
|
| - | 242 | Old 2.0 format: (Not available) |
|
| - | 243 | Defined which "SameSite" policy should be used for the cookies OIDplus uses. |
|
| - | 244 | Can be "None", "Lax" or "Strict". |
|
| - | 245 | "Strict" is the most secure setting. |
|
| - | 246 | "Lax" allows that people stay logged in if they follow a link pointing |
|
| - | 247 | to your OIDplus installation. |
|
| - | 248 | "None" is not recommended and is deprecated by modern web browsers. |
|
| - | 249 | However, OIDplus itself provides an Anti-CSRF mechanism, so you should be |
|
| - | 250 | still safe. |
|
| - | 251 | ||
| 241 | 252 | ||
| 242 | ---------------------------------------------------- |
253 | ---------------------------------------------------- |
| 243 | (4) LDAP FIELDS (see document ldap_installation.txt) |
254 | (4) LDAP FIELDS (see document ldap_installation.txt) |
| 244 | ---------------------------------------------------- |
255 | ---------------------------------------------------- |
| 245 | 256 | ||