Commit ca97abe7 authored by Taylor Otwell's avatar Taylor Otwell

Added http_only configuration item to session cookie.

parent db45be96
...@@ -198,7 +198,7 @@ class Session { ...@@ -198,7 +198,7 @@ class Session {
{ {
$minutes = (Config::get('session.expire_on_close')) ? 0 : Config::get('session.lifetime'); $minutes = (Config::get('session.expire_on_close')) ? 0 : Config::get('session.lifetime');
Cookie::put('laravel_session', static::$session['id'], $minutes, Config::get('session.path'), Config::get('session.domain'), Config::get('session.https')); Cookie::put('laravel_session', static::$session['id'], $minutes, Config::get('session.path'), Config::get('session.domain'), Config::get('session.https'), Config::get('session.http_only'));
} }
// 2% chance of performing session garbage collection... // 2% chance of performing session garbage collection...
......
Markdown is supported
0% or
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment