diff --git a/.htaccess b/.htaccess
index 34095b1..9b0b715 100644
--- a/.htaccess
+++ b/.htaccess
@@ -7,3 +7,6 @@ Header append X-Content-Type-Options "nosniff"
Header always set Strict-Transport-Security "max-age=604800; includeSubDomains"
Header set X-Content-Type-Options nosniff
+
+ Header edit Set-Cookie ^(.*)$ $1;SameSite=Strict
+
diff --git a/changeaccess.php b/changeaccess.php
index 7348d72..5d12fc3 100644
--- a/changeaccess.php
+++ b/changeaccess.php
@@ -15,17 +15,7 @@
* You should have received a copy of the GNU General Public License
* along with this program. If not, see .
*/
- ini_set('session.gc_maxlifetime', 24*60*60); // MIN SESSION
- ini_set('session.gc_probability', 1); // GC RATES
- ini_set('session.gc_divisor', 100); // TIMES
- ini_set('session.use_cookies', '1');
- ini_set('session.use_only_cookies', '1');
- ini_set('session.cookie_lifetime', '0');
- ini_set('session.cookie_secure', '0');
- ini_set('session.cookie_httponly', '1');
- ini_set('session.cookie_samesite', 'Strict');
- session_save_path('.tmp'); // TEMP
- session_start(); // START
+
require_once __DIR__ . '/autoload.php'; // AUTOLOAD
use App\LobbySIO\Misc\Csrf; // ANTICSRF
use App\LobbySIO\Config\Registry;
diff --git a/inc/header.inc.php b/inc/header.inc.php
index 3f68e64..7f83911 100644
--- a/inc/header.inc.php
+++ b/inc/header.inc.php
@@ -15,6 +15,7 @@
* You should have received a copy of the GNU General Public License
* along with this program. If not, see .
*/
+ // START
//ini_set('session.gc_maxlifetime', 24*60*60); // MIN SESSION
//ini_set('session.gc_probability', 1); // GC RATES