Add session cookie hardening and Nginx security headers - camagru

diff options

author	Thomas Vanbesien <tvanbesi@proton.me>	2026-03-22 13:53:01 +0100
committer	Thomas Vanbesien <tvanbesi@proton.me>	2026-03-22 13:53:01 +0100
commit	78e891f06ab94ef478de1c431157f7d634fe4ac8 (patch)
tree	028aae8f1277470d704d38d78d8628311dc9c640 /src/app/Csrf.php
parent	de41aa4531df4515de93eba685cfeb03227a5d4e (diff)
download	camagru-78e891f06ab94ef478de1c431157f7d634fe4ac8.tar.gz camagru-78e891f06ab94ef478de1c431157f7d634fe4ac8.zip

Add session cookie hardening and Nginx security headers

Set httponly, samesite=Lax, and auto-detected secure flag on session cookies. Add X-Content-Type-Options, X-Frame-Options, and Content-Security-Policy headers in Nginx. Document both in README.

Diffstat (limited to 'src/app/Csrf.php')

0 files changed, 0 insertions, 0 deletions


context:
space:
mode: