本文介绍了如何通过调整PHP会话设置来改善网站的安全性和用户体验,包括禁用referrer检查、调整会话名称及cookie属性等。
// Revert value and get rid of the referrer check even when,// Security.level is mediumini_restore('session.referer_check');
ini_set('session.use_trans_sid', 0);
ini_set('session.name', Configure::read('Session.cookie'));// Cookie is now destroyed when browser is closed, doesn't // persist for days as it does by default for security// low and mediumini_set('session.cookie_lifetime', 0);// Cookie path is now '/' even if you app is within a sub // directory on the domain
$this->path = '/';
ini_set('session.cookie_path', $this->path);// Session cookie now persists across all subdomainsini_set('session.cookie_domain', env('HTTP_BASE'));
扫一扫
947
被折叠的 条评论
为什么被折叠?
到【灌水乐园】发言
