Http-Only Cookie

  • Resolved gvanastasov

    (@gvanastasov)


    6 years, 4 months ago

    Hello fellow devs,
    Got a small question – where can i set the JWT cookie to be http-only? Also is it worth doing so?

    i can see theres no such option in the plugin code:
    if ($container === 'cookie') {
    setcookie(
    'aam-jwt',
    $token,
    time() + $expire, // 3 hours
    '/',
    parse_url(get_bloginfo('url'), PHP_URL_HOST),
    is_ssl()
    );
    }

    Big thanks for the plugin.

    Br,

Viewing 1 replies (of 1 total)
Viewing 1 replies (of 1 total)
  • The topic ‘Http-Only Cookie’ is closed to new replies.

Tags