Table of Contents |
---|
...
/usr/local/omk/bin/opcommon-cli.exe act=secrets_randomise [force=true] [length=N]
Where:
- force=true will change the token even if this is not the default (Like =~ change_me)
- length=N will force the token length to N (32 by default)
...
Cookie | Support | Behaviour |
---|---|---|
HttpOnly | By default | The cookies are not going to be accesible from the JavaScript API. |
secure | Should be enabled by setting the configuration item "auth_secure_cookie" => "true" in opCommon.json. | This cookie could be sent just in a request ciphered over https protocol. That's the reason why it is not set by default. |
SameSite set to Strict | Will be supported in next versions. (Major version upgrade from libraries is required) Supported since the following versions:
| The cookie set to strict means that the browser just send the cookie if the request was made in the website that originally stablished the cookie. |
...