Differences
This shows you the differences between two versions of the page.
| Both sides previous revision Previous revision Next revision | Previous revision Next revision Both sides next revision | ||
|
litespeed_wiki:config:header-edit-set-cookie [2021/09/20 17:35] Jackson Zhang [ForceSecureCookie] |
litespeed_wiki:config:header-edit-set-cookie [2021/09/20 17:41] Jackson Zhang |
||
|---|---|---|---|
| Line 7: | Line 7: | ||
| Let's look at the elements of the directive, and how to accomplish each with LSWS. | Let's look at the elements of the directive, and how to accomplish each with LSWS. | ||
| - | |||
| - | ===== Secure ===== | ||
| - | The above example, which involves patching Set-Cookie with a ''secure'' flag when served over HTTPS, is automatically handled by LiteSpeed Web Server as of v5.4.5, and so it is unnecessary to use a directive for that. | ||
| - | |||
| - | ===== HTTPOnly ===== | ||
| - | For ''HTTPOnly'' settings, you should be able to use ''php.ini''. For example: | ||
| - | <code> | ||
| - | session.cookie_httponly=On | ||
| - | </code> | ||
| ===== ForceSecureCookie ===== | ===== ForceSecureCookie ===== | ||
| Line 46: | Line 37: | ||
| </code> | </code> | ||
| | | ||
| - | **NOTE**: When using the above directives, please make sure to enclose them with | + | **NOTE**: |
| + | * When using the above directives, please make sure to enclose them with | ||
| <code> | <code> | ||
| <IfModule LiteSpeed> | <IfModule LiteSpeed> | ||
| Line 53: | Line 45: | ||
| </code> | </code> | ||
| + | * ''secure'' flag when served over HTTPS, is automatically handled by LiteSpeed Web Server as of v5.4.5, and so it is unnecessary to use a directive for that. | ||
| + | * HTTPOnly could also be set in ''php.ini''. For example: | ||
| + | <code> | ||
| + | session.cookie_httponly=On | ||
| + | </code> | ||