mirror of
https://github.com/opensourcepos/opensourcepos.git
synced 2025-12-25 18:47:53 -05:00
09530c1609
* Replace tabs with spaces Signed-off-by: objecttothis <objecttothis@gmail.com> * Composer package bumps - Bump codeigniter4/framework to 4.6.0 - Bump codeIgniter/coding-standard to ^1.8 - Bump codeigniter4/devkit to ^1.3 - Updated framework files required by CI4.6.0 - Removed Deprecated variables - Added new file in the repo from framework Signed-off-by: objecttothis <objecttothis@gmail.com> * Reflect PHP 8.4 support Updates for PHP 8.4 support introduced with the upgrade to CodeIgniter 4.6.x * Update INSTALL.md - Revert PHP 8.4 support for now. - Removed extra space before comma --------- Signed-off-by: objecttothis <objecttothis@gmail.com> Co-authored-by: BudsieBuds <bas_hubers@hotmail.com>
87 lines
2.8 KiB
PHP
87 lines
2.8 KiB
PHP
<?php
|
|
|
|
namespace Config;
|
|
|
|
use CodeIgniter\Config\BaseConfig;
|
|
|
|
class Security extends BaseConfig
|
|
{
|
|
/**
|
|
* --------------------------------------------------------------------------
|
|
* CSRF Protection Method
|
|
* --------------------------------------------------------------------------
|
|
*
|
|
* Protection Method for Cross Site Request Forgery protection.
|
|
*
|
|
* @var string 'cookie' or 'session'
|
|
*/
|
|
public string $csrfProtection = 'cookie';
|
|
|
|
/**
|
|
* --------------------------------------------------------------------------
|
|
* CSRF Token Randomization
|
|
* --------------------------------------------------------------------------
|
|
*
|
|
* Randomize the CSRF Token for added security.
|
|
*/
|
|
public bool $tokenRandomize = false;
|
|
|
|
/**
|
|
* --------------------------------------------------------------------------
|
|
* CSRF Token Name
|
|
* --------------------------------------------------------------------------
|
|
*
|
|
* Token name for Cross Site Request Forgery protection.
|
|
*/
|
|
public string $tokenName = 'csrf_ospos_v4';
|
|
|
|
/**
|
|
* --------------------------------------------------------------------------
|
|
* CSRF Header Name
|
|
* --------------------------------------------------------------------------
|
|
*
|
|
* Header name for Cross Site Request Forgery protection.
|
|
*/
|
|
public string $headerName = 'X-CSRF-TOKEN';
|
|
|
|
/**
|
|
* --------------------------------------------------------------------------
|
|
* CSRF Cookie Name
|
|
* --------------------------------------------------------------------------
|
|
*
|
|
* Cookie name for Cross Site Request Forgery protection.
|
|
*/
|
|
public string $cookieName = 'csrf_cookie_ospos_v4';
|
|
|
|
/**
|
|
* --------------------------------------------------------------------------
|
|
* CSRF Expires
|
|
* --------------------------------------------------------------------------
|
|
*
|
|
* Expiration time for Cross Site Request Forgery protection cookie.
|
|
*
|
|
* Defaults to two hours (in seconds).
|
|
*/
|
|
public int $expires = 7200;
|
|
|
|
/**
|
|
* --------------------------------------------------------------------------
|
|
* CSRF Regenerate
|
|
* --------------------------------------------------------------------------
|
|
*
|
|
* Regenerate CSRF Token on every submission.
|
|
*/
|
|
public bool $regenerate = true;
|
|
|
|
/**
|
|
* --------------------------------------------------------------------------
|
|
* CSRF Redirect
|
|
* --------------------------------------------------------------------------
|
|
*
|
|
* Redirect to previous page with error on failure.
|
|
*
|
|
* @see https://codeigniter4.github.io/userguide/libraries/security.html#redirection-on-failure
|
|
*/
|
|
public bool $redirect = (ENVIRONMENT === 'production');
|
|
}
|