fix siteid cookie to secure

2021-10-18 12:34:28 -04:00 · 2021-10-18 12:34:28 -04:00 · 1bb93c8f4e
commit 1bb93c8f4e
parent 5caac014df
1 changed files with 3 additions and 0 deletions
--- a/.htaccess
+++ b/.htaccess
@ -7,3 +7,6 @@ Header append X-Content-Type-Options "nosniff"
 Header always set Strict-Transport-Security "max-age=604800; includeSubDomains"
    Header set X-Content-Type-Options nosniff
 </IfModule>
+<If "%{HTTP_USER_AGENT} !~ /(iPhone; CPU iPhone OS 1[0-2]|iPad; CPU OS 1[0-2]|iPod touch; CPU iPhone OS 1[0-2]|Macintosh; Intel Mac OS X.*Version\x2F1[0-2].*Safari|Macintosh;.*Mac OS X 10_14.* AppleWebKit.*Version\x2F1[0-3].*Safari)/i">
+    Header edit Set-Cookie ^(.*)$ $1;SameSite=Strict
+</If>