David A. Windham
david
/
laravel
1
0
Fork 0
Files Issues 0 Pull Requests 0 Wiki
Browse Source

:wrench: :wrench: Reduce discoverability of session cookie name.

Derives session.cookie from SESSION_COOKIE, falling back to (snake_cased) APP_NAME . '_session', falling back to 'laravel_session' (current) in order to make it less discoverable, thereby (slightly) reducing threat vector.
Yitzchok Willroth 6 years ago
parent
d5bf06589f
commit
a7f2c060b2
1 changed files with 1 additions and 1 deletions
Split View Show Diff Stats
  1. 1 1
      config/session.php

+ 1 - 1
config/session.php
View File 

@@ -122,7 +122,7 @@ return [
 
     |
 
     */
 
 
-    'cookie' => 'laravel_session',
 
+    'cookie' => env('SESSION_COOKIE', snake_case(env('APP_NAME', 'laravel')).'_session'),
 
 
     /*
 
     |--------------------------------------------------------------------------