Fix CSRF token handling: add session to index.php, fix cookie_secure for HTTPS
This commit is contained in:
root
@@ -3,7 +3,7 @@
|
||||
// Ensure session cookie is available for AJAX requests
|
||||
ini_set('session.cookie_samesite', 'Lax');
|
||||
ini_set('session.cookie_httponly', '1');
|
||||
ini_set('session.cookie_secure', '0'); // Set to '1' if using HTTPS
|
||||
ini_set('session.cookie_secure', '1'); // Set to '1' if using HTTPS
|
||||
session_start();
|
||||
|
||||
// Security headers
|
||||
|
||||
Reference in New Issue
Block a user