diff --git a/convention.php b/convention.php index a35ac0b9..c66ef583 100644 --- a/convention.php +++ b/convention.php @@ -203,6 +203,8 @@ return [ 'type' => '', // 是否自动开启 SESSION 'auto_start' => true, + 'httponly' => true, + 'secure' => true, ], // +---------------------------------------------------------------------- diff --git a/library/think/Session.php b/library/think/Session.php index 48f23caa..35726220 100644 --- a/library/think/Session.php +++ b/library/think/Session.php @@ -77,7 +77,12 @@ class Session ini_set('session.gc_maxlifetime', $config['expire']); ini_set('session.cookie_lifetime', $config['expire']); } - + if (isset($config['secure'])) { + ini_set('session.cookie_secure', $config['secure']); + } + if (isset($config['httponly'])) { + ini_set('session.cookie_httponly', $config['httponly']); + } if (isset($config['use_cookies'])) { ini_set('session.use_cookies', $config['use_cookies'] ? 1 : 0); }