Vulnerability mitigation - revert secure cookies by default

2021-06-01 10:52:51 -04:00
parent 0a39b60eee
commit c2fb21c570
19 changed files with 106 additions and 99 deletions
--- a/changelang.php
+++ b/changelang.php
@@ -19,8 +19,8 @@
    $app_disp_lang = filter_input(INPUT_POST, 'app_disp_lang', FILTER_SANITIZE_STRING);                 // GET SANITARY LANG CHOICE
    setcookie ( 'app_disp_lang', $app_disp_lang, [
        'expires' => time() + 60*60*24*90,
-        'secure' => true,
-        'httponly' => true,
-        'samesite' => 'Strict',
+        'secure' => false,
+        'httponly' => false,
+        'samesite' => 'Lax',
    ]);
    header('Location: index.php');                                              // GO HOME UNTIL WE ADD REFERER LOGIC