ENHANCEMENT: added security hardening
This commit is contained in:
parent
850dbe3a66
commit
21f1d180ad
|
@ -1,6 +1,5 @@
|
|||
<?php
|
||||
|
||||
session_start();
|
||||
require_once "vendor/autoload.php";
|
||||
|
||||
if( ini_get('safe_mode') ){
|
||||
|
|
|
@ -100,6 +100,13 @@ class Kernel
|
|||
$this->router = new Router();
|
||||
$this->router->parseRoutes($this->getConfigDir(), 'routes.yaml');
|
||||
$request = $this->parseRequest();
|
||||
|
||||
if($request->isSecure()) {
|
||||
ini_set('session.cookie_httponly', true);
|
||||
ini_set('session.cookie_secure', true);
|
||||
}
|
||||
|
||||
session_start();
|
||||
return $this->router->route($request, $this);
|
||||
}
|
||||
|
||||
|
|
Loading…
Reference in New Issue