diff options
| author | Daniel Baumann <daniel.baumann@progress-linux.org> | 2024-04-07 15:17:10 +0000 |
|---|---|---|
| committer | Daniel Baumann <daniel.baumann@progress-linux.org> | 2024-04-07 15:17:10 +0000 |
| commit | 92112183de908e832f6f11bb662c1dc18c52887a (patch) | |
| tree | 3e87c54bd649575eb7376fdf4e62ccc69af46d7e | |
| parent | Setting HSTS options to "max-age=63072000; includeSubDomains; preload". (diff) | |
| download | apache2-92112183de908e832f6f11bb662c1dc18c52887a.tar.xz apache2-92112183de908e832f6f11bb662c1dc18c52887a.zip | |
Setting additional Set-Cookie options HttpOnly;SameSite=Strict;Secure.
Signed-off-by: Daniel Baumann <daniel.baumann@progress-linux.org>
| -rw-r--r-- | debian/apache2.postinst | 2 | ||||
| -rw-r--r-- | debian/config-dir/conf-available/modern-cookies.conf | 7 |
2 files changed, 8 insertions, 1 deletions
diff --git a/debian/apache2.postinst b/debian/apache2.postinst index bc839f1..0b87a6b 100644 --- a/debian/apache2.postinst +++ b/debian/apache2.postinst @@ -56,7 +56,7 @@ enable_default_conf() if is_fresh_install $@ ; then for conf in charset localized-error-pages other-vhosts-access-log \ security serve-cgi-bin \ - csp hsts ; do + csp hsts modern-cookies ; do a2enconf -m -q $conf done fi diff --git a/debian/config-dir/conf-available/modern-cookies.conf b/debian/config-dir/conf-available/modern-cookies.conf new file mode 100644 index 0000000..d84a6f7 --- /dev/null +++ b/debian/config-dir/conf-available/modern-cookies.conf @@ -0,0 +1,7 @@ +# /etc/apache2/conf-available/modern-cookies.conf + +<IfModule mod_headers.c> + <IfModule mod_ssl.c> + Header edit Set-Cookie ^(.*)$ $1;HttpOnly;SameSite=Strict;Secure + </IfModule> +</IfModule> |