summaryrefslogtreecommitdiff
path: root/includes
diff options
context:
space:
mode:
authorIgor Scheller <igor.scheller@igorshp.de>2017-09-20 11:07:25 +0200
committerIgor Scheller <igor.scheller@igorshp.de>2017-09-20 11:07:25 +0200
commitc6ef1120f82839cbb9d5abee12ab3e4803d5e2cd (patch)
treed490633b32b69a7141516aa238699c3e7e64ef63 /includes
parent31414905d710ed53796d67759dec24baf2eeefc7 (diff)
Set cookie to httponly
Diffstat (limited to 'includes')
-rw-r--r--includes/engelsystem_provider.php7
1 files changed, 3 insertions, 4 deletions
diff --git a/includes/engelsystem_provider.php b/includes/engelsystem_provider.php
index cd22f6a7..0de5e0f5 100644
--- a/includes/engelsystem_provider.php
+++ b/includes/engelsystem_provider.php
@@ -12,6 +12,7 @@ use Engelsystem\Routing\UrlGenerator;
use Psr\Log\LoggerInterface;
use Symfony\Component\HttpFoundation\Session\Session;
use Symfony\Component\HttpFoundation\Session\Storage\MockArraySessionStorage;
+use Symfony\Component\HttpFoundation\Session\Storage\NativeSessionStorage;
/**
* This file includes all needed functions, connects to the db etc.
@@ -198,10 +199,8 @@ foreach ($includeFiles as $file) {
/**
* Init application
*/
-$session = new Session();
-if (PHP_SAPI == 'cli') {
- $session = new Session(new MockArraySessionStorage());
-}
+$sessionStorage = (PHP_SAPI != 'cli' ? new NativeSessionStorage(['cookie_httponly' => true]) : new MockArraySessionStorage());
+$session = new Session($sessionStorage);
$app->instance('session', $session);
$session->start();
$request->setSession($session);