public/mailcow-dockerized
1
0
Fork 0
mirror of https://github.com/mailcow/mailcow-dockerized.git synced 2025-12-13 09:56:01 +00:00
Code Issues Releases Wiki Activity

[Web] make SameSite policy and cookie name configurable via vars.local.inc

Browse Source
This commit is contained in:
FreddleSpl0it
2025-10-06 11:00:03 +02:00
parent 922d173540
commit 1ef0149076
2 changed files with 9 additions and 2 deletions
Download Patch File Download Diff File Expand all files Collapse all files

4
data/web/inc/sessions.inc.php
View File

@@ -1,9 +1,9 @@
<?php <?php
// Start session // Start session
if (session_status() !== PHP_SESSION_ACTIVE) { if (session_status() !== PHP_SESSION_ACTIVE) {
session_name('MCSESSID'); session_name($SESSION_NAME);
ini_set("session.cookie_httponly", 1); ini_set("session.cookie_httponly", 1);
ini_set("session.cookie_samesite", "Lax"); ini_set("session.cookie_samesite", $SESSION_SAMESITE_POLICY);
ini_set('session.gc_maxlifetime', $SESSION_LIFETIME); ini_set('session.gc_maxlifetime', $SESSION_LIFETIME);
} }

7
data/web/inc/vars.inc.php
View File

@@ -153,6 +153,13 @@ $LOG_PAGINATION_SIZE = 50;
// Session lifetime in seconds // Session lifetime in seconds
$SESSION_LIFETIME = 10800; $SESSION_LIFETIME = 10800;
// Session SameSite Policy
// Use "None", "Lax" or "Strict"
$SESSION_SAMESITE_POLICY = "Lax";
// Name of the session cookie
$SESSION_NAME = "MCSESSID";
// Label for OTP devices // Label for OTP devices
$OTP_LABEL = "mailcow UI"; $OTP_LABEL = "mailcow UI";