- Upgrade to 7.x from 6.x #11

2021-05-25 14:15:02 +02:00 · 2021-05-25 14:15:02 +02:00 · bcbd05d7d8
commit bcbd05d7d8
parent 4e44d9d996
29 changed files with 1289 additions and 647 deletions
--- a/config/session.php
+++ b/config/session.php
@ -71,7 +71,7 @@ return [
    |
     */

-    'connection' => null,
+    'connection' => env('SESSION_CONNECTION', null),

    /*
    |--------------------------------------------------------------------------
@ -86,6 +86,21 @@ return [

    'table' => 'sessions',

+      /*
+    |--------------------------------------------------------------------------
+    | Session Cache Store
+    |--------------------------------------------------------------------------
+    |
+    | While using one of the framework's cache driven session backends you may
+    | list a cache store that should be used for these sessions. This value
+    | must match with one of the application's configured cache "stores".
+    |
+    | Affects: "apc", "dynamodb", "memcached", "redis"
+    |
+    */
+
+    'store' => env('SESSION_STORE', null),
+
    /*
    |--------------------------------------------------------------------------
    | Session Sweeping Lottery
@ -147,8 +162,23 @@ return [
    | to the server if the browser has a HTTPS connection. This will keep
    | the cookie from being sent to you if it can not be done securely.
    |
-     */
+    */

-    'secure' => false,
+    'secure' => env('SESSION_SECURE_COOKIE', false),
+
+   /*
+    |--------------------------------------------------------------------------
+    | Same-Site Cookies
+    |--------------------------------------------------------------------------
+    |
+    | This option determines how your cookies behave when cross-site requests
+    | take place, and can be used to mitigate CSRF attacks. By default, we
+    | will set this value to "lax" since this is a secure default value.
+    |
+    | Supported: "lax", "strict", "none", null
+    |
+    */
+
+    'same_site' => 'lax',

 ];