hnhx / librex

Framework and javascript free privacy respecting meta search engine

Geek Repo:Geek Repo

Github PK Tool:Github PK Tool

Cookies

carlostkd opened this issue · comments

when we save any custom settings cookies are created but would be better creating safe cookies

there is a peace of the improved code to generate safe cookies

file "settings.php":

if (isset($_REQUEST["save"])) {
foreach($_POST as $key=>$value) {
if (!empty($value)) {
// Set additional flags for cookie security
setcookie($key, $value, [
'expires' => time() + (86400 * 90),
'path' => '/',
'domain' => '',
'secure' => true, // Ensure cookies are only sent over HTTPS
'httponly' => true, // Prevent client-side JavaScript access to cookies
'samesite' => 'Strict' // Strict SameSite policy for better protection against CSRF attacks
]);
} else {
// If value is empty, delete the cookie
setcookie($key, "", time() - 1000);
}
}
}

Hi, LibreX is no longer maintained, but I've submitted a patch on its fork, LibreY Ahwxorg#150 Let me know if there are any problems with my implementation