|
@@ -178,10 +178,12 @@ return [
|
|
|
|
|
|
/*
|
|
|
|--------------------------------------------------------------------------
|
|
|
- | Same-site Cookies
|
|
|
+ | Same-Site Cookies
|
|
|
|--------------------------------------------------------------------------
|
|
|
|
|
|
|
- | Here you may change the default value of the same-site cookie attribute.
|
|
|
+ | This option determines how your cookies behave when cross-site requests
|
|
|
+ | take place, and can be used to mitigate CSRF attacks. By default, we
|
|
|
+ | do not enable this as other CSRF protection services are in place.
|
|
|
|
|
|
|
| Supported: "lax", "strict"
|
|
|
|
|