-rw-r--r--php.ini-development8
-rw-r--r--php.ini-production8
2 files changed, 16 insertions, 0 deletions
diff --git a/php.ini-development b/php.ini-development
index 7197dae6fc..43ab1de26a 100644
--- a/php.ini-development
+++ b/php.ini-development
@@ -1398,6 +1398,14 @@ session.save_handler = files
; http://php.net/session.save-path
;session.save_path = "/tmp"
+; Whether to use strict session mode.
+; Strict session mode does not accept uninitialized session ID and regenerate
+; session ID if browser sends uninitialized session ID. Strict mode protects
+; applications from session fixation via session adoption vulnerability. It is
+; disabled by default for maximum compatibility, but enabling it is encouraged.
+; https://wiki.php.net/rfc/strict_sessions
+session.use_strict_mode = 0
+
; Whether to use cookies.
; http://php.net/session.use-cookies
session.use_cookies = 1
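Review bot: The comment added above `session.use_strict_mode` reads as if strict mode fully answers session fixation, and its first sentence is ungrammatical ("does not accept ... and regenerate"). Strict mode only refuses session IDs the server did not issue; the application still has to call session_regenerate_id() when a user logs in or changes privilege. I would reword the sentence to `; Strict session mode rejects session IDs that were not initialized by the server and issues a new ID instead.` and add `; It does not replace calling session_regenerate_id() on login or privilege change.` The same text is added in the php.ini-production hunk and should change there too.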
diff --git a/php.ini-production b/php.ini-production
index 5590d2c448..0014c4e251 100644
--- a/php.ini-production
+++ b/php.ini-production
@@ -1398,6 +1398,14 @@ session.save_handler = files
; http://php.net/session.save-path
;session.save_path = "/tmp"
+; Whether to use strict session mode.
+; Strict session mode does not accept uninitialized session ID and regenerate
+; session ID if browser sends uninitialized session ID. Strict mode protects
+; applications from session fixation via session adoption vulnerability. It is
+; disabled by default for maximum compatibility, but enabling it is encouraged.
+; https://wiki.php.net/rfc/strict_sessions
+session.use_strict_mode = 0
+
; Whether to use cookies.
; http://php.net/session.use-cookies
session.use_cookies = 1
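Review bot: php.ini-production ships `session.use_strict_mode = 0` although the comment directly above it says enabling strict mode is encouraged and that it protects against session adoption. The production template is where a hardened value matters most, so I would set `session.use_strict_mode = 1` here and leave the compatibility value to the built-in default. If 0 is kept on purpose, presumably for save handlers that cannot validate IDs, the comment should name that reason so administrators know when it is safe to switch it on.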