Validate secure cookies (#15401)
* Validate secure session cookies if HTTPS When HTTPS is available, secure session cookies should be enabled SESSION_SECURE_COOKIE=true * Apply fixes from StyleCI * Note config:cache --------- Co-authored-by: StyleCI Bot <bot@styleci.io>
This commit is contained in:
parent
cc98089af1
commit
86793653b3
|
@ -62,6 +62,10 @@ class WebServer extends BaseValidation
|
|||
$validator->fail('base_url is not set correctly', "lnms config:set base_url $correct_base");
|
||||
}
|
||||
}
|
||||
|
||||
if (request()->secure() && ! \config('session.secure')) {
|
||||
$validator->fail('Secure session cookies are not enabled', 'Set SESSION_SECURE_COOKIE=true and run lnms config:cache');
|
||||
}
|
||||
}
|
||||
}
|
||||
|
||||
|
|
Loading…
Reference in New Issue