From 4440bd46adc73cd9be69f5f5716dbec4c92c7b73 Mon Sep 17 00:00:00 2001
From: FreddleSpl0it <75116288+FreddleSpl0it@users.noreply.github.com>
Date: Tue, 23 Sep 2025 12:24:25 +0200
Subject: [PATCH] [Web] set cookie SameSite attribute to Lax

---
 data/web/inc/sessions.inc.php | 1 +
 1 file changed, 1 insertion(+)

diff --git a/data/web/inc/sessions.inc.php b/data/web/inc/sessions.inc.php
index bbc08cf13..1bb29d410 100644
--- a/data/web/inc/sessions.inc.php
+++ b/data/web/inc/sessions.inc.php
@@ -2,6 +2,7 @@
 // Start session
 if (session_status() !== PHP_SESSION_ACTIVE) {
   ini_set("session.cookie_httponly", 1);
+  ini_set("session.cookie_samesite", "Lax");
   ini_set('session.gc_maxlifetime', $SESSION_LIFETIME);
 }