Differences
This shows you the differences between two versions of the page.
| Both sides previous revision Previous revision | Next revision Both sides next revision | ||
|
litespeed_wiki:config:header-edit [2020/09/03 15:35] Jackson Zhang |
litespeed_wiki:config:header-edit [2020/09/03 15:37] (current) Jackson Zhang |
||
|---|---|---|---|
| Line 3: | Line 3: | ||
| LiteSpeed doesn't support Apache's header ''edit'' directive, and so the following Apache directive won't work on LiteSpeed: | LiteSpeed doesn't support Apache's header ''edit'' directive, and so the following Apache directive won't work on LiteSpeed: | ||
| Header always edit Set-Cookie (.*) "$1;HTTPOnly;Secure" | Header always edit Set-Cookie (.*) "$1;HTTPOnly;Secure" | ||
| + | ===== ''secure'' ===== | ||
| This particular case, which involves patching Set-Cookie with a ''secure'' flag when served over HTTPS, is automatically handled by LiteSpeed Web Server as of v5.4.5, and so it is unnecessary to use a directive for that. | This particular case, which involves patching Set-Cookie with a ''secure'' flag when served over HTTPS, is automatically handled by LiteSpeed Web Server as of v5.4.5, and so it is unnecessary to use a directive for that. | ||
| + | ===== ''HTTPOnly'' ===== | ||
| For ''HTTPOnly'' settings, you should be able to use ''php.ini''. For example: | For ''HTTPOnly'' settings, you should be able to use ''php.ini''. For example: | ||
| <code> | <code> | ||
| Line 11: | Line 12: | ||
| </code> | </code> | ||
| + | ===== ''SameSite''===== | ||
| For ''SameSite=none'' attribute, there is no alternative way to do it on LiteSpeed at the time of this writing. It is better to be handled on the application level when the developer designs the site. | For ''SameSite=none'' attribute, there is no alternative way to do it on LiteSpeed at the time of this writing. It is better to be handled on the application level when the developer designs the site. | ||