Vulnerability mitigation - revert secure cookies by default

2021-06-01 10:52:51 -04:00
parent 0a39b60eee
commit c2fb21c570
19 changed files with 106 additions and 99 deletions
--- a/changesite.php
+++ b/changesite.php
@@ -19,8 +19,8 @@
    $site = filter_input(INPUT_POST, 'site', FILTER_SANITIZE_STRING);                                   // GET SANITARY SITE CHOICE
    setcookie ( 'app_site', $site, [
        'expires' => time() + 60*60*24*90,
-        'secure' => true,
-        'httponly' => true,
-        'samesite' => 'Strict',
+        'secure' => false,
+        'httponly' => false,
+        'samesite' => 'Lax',
    ]);
    header('Location: index.php');                                              // GO HOME UNTIL WE ADD REFERER LOGIC