- Changed "session.use_only_cookies" to be on by default.

author: foobar <sniper@php.net> 2005-12-02 18:42:41 +0000
committer: foobar <sniper@php.net> 2005-12-02 18:42:41 +0000
commit: ecd8376f36af4c600895785c90c0e035ba3dc687 (patch)
tree: 52b6128a8c0ff8c2f440a57694148c7464e5163b /php.ini-dist
parent: 4041e5221516fa10005289426db4fcd161db0186 (diff)
download: php-git-ecd8376f36af4c600895785c90c0e035ba3dc687.tar.gz
1 files changed, 2 insertions, 2 deletions
diff --git a/php.ini-dist b/php.ini-dist
index de3c031e8d..eefaf9f22b 100644
--- a/php.ini-dist
+++ b/php.ini-dist
@@ -895,8 +895,8 @@ session.save_handler = files
 session.use_cookies = 1
 
 ; This option enables administrators to make their users invulnerable to
-; attacks which involve passing session ids in URLs; defaults to 0.
-; session.use_only_cookies = 1
+; attacks which involve passing session ids in URLs; defaults to 1.
+session.use_only_cookies = 1
 
 ; Name of the session (used as cookie name).
 session.name = PHPSESSID
author	foobar <sniper@php.net>	2005-12-02 18:42:41 +0000
committer	foobar <sniper@php.net>	2005-12-02 18:42:41 +0000
commit	ecd8376f36af4c600895785c90c0e035ba3dc687 (patch)
tree	52b6128a8c0ff8c2f440a57694148c7464e5163b /php.ini-dist
parent	4041e5221516fa10005289426db4fcd161db0186 (diff)
download	php-git-ecd8376f36af4c600895785c90c0e035ba3dc687.tar.gz