summaryrefslogtreecommitdiffstats
diff options
context:
space:
mode:
authorDaniel Baumann <daniel.baumann@progress-linux.org>2024-04-27 07:22:08 +0000
committerDaniel Baumann <daniel.baumann@progress-linux.org>2024-04-27 07:22:08 +0000
commit599f96d6eb22e23a82bbeff36462b7e6146ca0c0 (patch)
treec72246c87898739794bf01d55218619bb7db0a2c
parentSetting HSTS options to "max-age=63072000; includeSubDomains; preload". (diff)
downloadapache2-599f96d6eb22e23a82bbeff36462b7e6146ca0c0.tar.xz
apache2-599f96d6eb22e23a82bbeff36462b7e6146ca0c0.zip
Setting additional Set-Cookie options HttpOnly;SameSite=Strict;Secure.
Signed-off-by: Daniel Baumann <daniel.baumann@progress-linux.org>
-rw-r--r--debian/apache2.postinst2
-rw-r--r--debian/config-dir/conf-available/modern-cookies.conf7
2 files changed, 8 insertions, 1 deletions
diff --git a/debian/apache2.postinst b/debian/apache2.postinst
index 06cae04..23f6c94 100644
--- a/debian/apache2.postinst
+++ b/debian/apache2.postinst
@@ -56,7 +56,7 @@ enable_default_conf()
if is_fresh_install $@ ; then
for conf in charset localized-error-pages other-vhosts-access-log \
security serve-cgi-bin \
- csp hsts ; do
+ csp hsts modern-cookies ; do
a2enconf -m -q $conf
done
fi
diff --git a/debian/config-dir/conf-available/modern-cookies.conf b/debian/config-dir/conf-available/modern-cookies.conf
new file mode 100644
index 0000000..d84a6f7
--- /dev/null
+++ b/debian/config-dir/conf-available/modern-cookies.conf
@@ -0,0 +1,7 @@
+# /etc/apache2/conf-available/modern-cookies.conf
+
+<IfModule mod_headers.c>
+ <IfModule mod_ssl.c>
+ Header edit Set-Cookie ^(.*)$ $1;HttpOnly;SameSite=Strict;Secure
+ </IfModule>
+</IfModule>