Manual:$wgCookieSecure/ru
Cookies: $wgCookieSecure | |
---|---|
Whether cookies are secured. |
|
Введено в версии: | 1.6.0 (r12253) |
Удалено в версии: | всё ещё используется |
Допустимые значения: | (boolean or special value 'detect' ) |
Значение по умолчанию: | (see below) |
Другие настройки: По алфавиту | По функциональности |
Details
Whether cookies should only be sent over HTTPS (Secure
attribute of cookies, see section 4.1.2.5 in RFC 6265).
HTTPS-only sites should set this to true
, to avoid cookie theft.
If configured with the default value, 'detect'
, the runtime value is calculated by looking at the protocol that the request came in under.
Sites using reverse proxies, load balancing or some other method which converts HTTPS requests into HTTP ones need to set the X-Forwarded-Proto
header for detection to work correctly.
(See also $wgVaryOnXFP
.)
Default value
Версия MediaWiki: | ≥ 1.18 |
$wgCookieSecure = 'detect';
Версии MediaWiki: | 1.6 – 1.17 |
$wgCookieSecure = ($wgProto == 'https');