Clarify session.cookie_samesite="None"

2024-09-21 09:57:23 +00:00 · 2020-03-18 15:59:30 +01:00 · 2020-03-18 15:59:30 +01:00 · c00cce3229
commit c00cce3229
parent b114e3d953
2 changed files with 4 additions and 2 deletions
--- a/php.ini-development
+++ b/php.ini-development
@ -1413,7 +1413,8 @@ session.cookie_domain =
 session.cookie_httponly =

 ; Add SameSite attribute to cookie to help mitigate Cross-Site Request Forgery (CSRF/XSRF)
-; Current valid values are "Lax" or "Strict"
+; Current valid values are "Strict", "Lax" or "None". When using "None",
+; make sure to include the quotes, as `none` is interpreted like `false` in ini files.
 ; https://tools.ietf.org/html/draft-west-first-party-cookies-07
 session.cookie_samesite =

--- a/php.ini-production
+++ b/php.ini-production
@ -1415,7 +1415,8 @@ session.cookie_domain =
 session.cookie_httponly =

 ; Add SameSite attribute to cookie to help mitigate Cross-Site Request Forgery (CSRF/XSRF)
-; Current valid values are "Lax" or "Strict"
+; Current valid values are "Strict", "Lax" or "None". When using "None",
+; make sure to include the quotes, as `none` is interpreted like `false` in ini files.
 ; https://tools.ietf.org/html/draft-west-first-party-cookies-07
 session.cookie_samesite =