archive/php-src
1
0
Fork 0
mirror of https://github.com/php/php-src.git synced 2025-08-16 05:58:45 +02:00
Code Issues Projects Releases Packages Wiki Activity Actions 3

Merge branch 'PHP-5.5'

Browse source 
* PHP-5.5:
  Add session.use_strict_mode description to php.ini-*
This commit is contained in:
Yasuo Ohgaki 2013-08-20 18:30:46 +09:00
commit 8da7aa7e41
2 changed files with 16 additions and 0 deletions
Download patch file Download diff file Expand all files Collapse all files

8
php.ini-development
View file

@ -1400,6 +1400,14 @@ session.save_handler = files
; http://php.net/session.save-path
;session.save_path = "/tmp"
; Whether to use strict session mode.
; Strict session mode does not accept uninitialized session ID and regenerate
; session ID if browser sends uninitialized session ID. Strict mode protects
; applications from session fixation via session adoption vulnerability. It is
; disabled by default for maximum compatibility, but enabling it is encouraged.
; https://wiki.php.net/rfc/strict_sessions
session.use_strict_mode = 0
; Whether to use cookies.
; http://php.net/session.use-cookies
session.use_cookies = 1