Differences
This shows you the differences between two versions of the page.
| Both sides previous revision Previous revision | Next revision Both sides next revision | ||
|
litespeed_wiki:config:header-edit-set-cookie [2021/09/20 17:35] Jackson Zhang [ForceSecureCookie] |
litespeed_wiki:config:header-edit-set-cookie [2021/09/20 17:40] Jackson Zhang |
||
|---|---|---|---|
| Line 7: | Line 7: | ||
| Let's look at the elements of the directive, and how to accomplish each with LSWS. | Let's look at the elements of the directive, and how to accomplish each with LSWS. | ||
| - | |||
| - | ===== Secure ===== | ||
| - | The above example, which involves patching Set-Cookie with a ''secure'' flag when served over HTTPS, is automatically handled by LiteSpeed Web Server as of v5.4.5, and so it is unnecessary to use a directive for that. | ||
| - | |||
| - | ===== HTTPOnly ===== | ||
| - | For ''HTTPOnly'' settings, you should be able to use ''php.ini''. For example: | ||
| - | <code> | ||
| - | session.cookie_httponly=On | ||
| - | </code> | ||
| ===== ForceSecureCookie ===== | ===== ForceSecureCookie ===== | ||
| Line 53: | Line 44: | ||
| </code> | </code> | ||
| + | Notes: | ||
| + | * ''secure'' flag when served over HTTPS, is automatically handled by LiteSpeed Web Server as of v5.4.5, and so it is unnecessary to use a directive for that. | ||
| + | * HTTPOnly could also be set in ''php.ini''. For example: | ||
| + | <code> | ||
| + | session.cookie_httponly=On | ||
| + | </code> | ||