diff --git a/meta/definitions/software.php b/meta/definitions/software.php
index 3a14fad..8bb70e7 100644
--- a/meta/definitions/software.php
+++ b/meta/definitions/software.php
@@ -86,11 +86,11 @@ return [
 JavascriptMiddleware::class => create(JavascriptMiddleware::class),
- Cookie::class => create(Cookie::class)->constructor([ 'secure' => true, 'path' => getenv('URL_BASE'), ], getenv("LEAN_RANDOM")),
+ Cookie::class => create(Cookie::class)->constructor([ 'secure' => true, 'samesite' => 'Strict' ], getenv("LEAN_RANDOM")),
- Session::class => create(Session::class)->constructor(get(Cookie::class), [ 'path' => getenv('URL_BASE'), ]),
+ Session::class => create(Session::class),
- SessionMiddleware::class => create(SessionMiddleware::class)->constructor(get(Cookie::class), [ 'path' => getenv('URL_BASE'), 'name' => "lean_sess_" . substr(md5(getenv("LEAN_RANDOM")), 0, 12) ]),
+ SessionMiddleware::class => create(SessionMiddleware::class)->constructor(get(Cookie::class), [ 'name' => "lean_sess_" . substr(md5(getenv("LEAN_RANDOM")), 0, 12), 'path' => getenv('URL_BASE') ?: '/' ]),
 'git.commit' => function($c) {
 if ( getenv("DEBUG") ) {
diff --git a/src/ControllerTrait.php b/src/ControllerTrait.php
index fe9c135..d47f216 100644
--- a/src/ControllerTrait.php
+++ b/src/ControllerTrait.php
@@ -67,6 +67,10 @@ trait ControllerTrait {
 }
 protected function redirect(string $url, int $code = 302, array $headers = []) {
+ if ($code === 302 && empty(array_change_key_case($headers, CASE_LOWER)['cache-control'])) {
+ $headers['cache-control'] = 'no-store';
+ }
+
 return new RedirectResponse($url, $code, $headers);
 }
diff --git a/src/Routing.php b/src/Routing.php
index 5069831..27ab05f 100644
--- a/src/Routing.php
+++ b/src/Routing.php
@@ -97,6 +97,7 @@ class Routing {
 }
 if ( $forbidden = $this->security->taxus($class, $method, $object->user) ) {
+ return $forbidden;
 }
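Review bot: The new Cookie options on the `+ Cookie::class` line set `secure` and `samesite` but not `httponly`, so unless the Cookie class defaults it the session cookie stays readable from script, which is exactly what an XSS would harvest; I would add `'httponly' => true` to that array. `SameSite=Strict` also withholds the cookie on every top-level navigation from another origin (a link from an email lands the user logged out), which is a defensible trade-off but deserves a comment such as `// Strict: cross-site navigations arrive unauthenticated by design`. `getenv("LEAN_RANDOM")` returns `false` when the variable is unset, and that value is handed to Cookie as its second argument and hashed into the session cookie name; if it is a key, failing hard on a missing value is safer than silently running with it. The definitions array starts and ends outside the hunk.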
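Review bot: The `no-store` default in the new `if` is gated on `$code === 302` only, so a `redirect($url, 303)` after login or logout — the code the post/redirect/get pattern normally uses — and a 307 still leave without any Cache-Control; if the aim is to keep session-carrying redirects out of caches, `if (in_array($code, [302, 303, 307], true) && ...)` covers the temporary codes while leaving 301/308, which are meant to be cached, alone. Whichever set is chosen, a one-line comment on the `if` stating why those codes and no others should be there, so the next reader does not widen or narrow it blindly. Note that `empty()` also treats a caller-supplied `''` or `'0'` as absent and overwrites it, which is probably harmless for this header but differs from `isset()` semantics.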
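Review bot: The guard around the new `return $forbidden;` relies on the truthiness of whatever `taxus()` returns, so a denial represented by an empty string, `0` or an empty array would still fall through and dispatch the action — the same fail-open behaviour the previously empty `if` body had. If `taxus()` is meant to return a response object or `null`, `if (($forbidden = $this->security->taxus($class, $method, $object->user)) !== null) {` makes that contract explicit; otherwise a comment like `// taxus() returns a truthy response when access is denied; anything falsy means allowed` at least records the assumption. Since this line is the only thing between an unauthorised user and the controller, a regression test asserting that a denied user receives the `$forbidden` response rather than the action's output belongs in this commit. The enclosing method starts before and continues after the hunk.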