Feature #3252
closedNeed to add Samesite Cookie Attribute in conf file
Description
Hi all,
I am using lighttpd-1.4.73.
I am running the conf file from /etc/lighttpd.conf
I would like to add Samesite cookie attribute in my conf file. Can you help me in doing this. I need this to solve my cross site scripting vulnerability.
I tired adding mod_usertrack under server_modules in my conf file as given in https://redmine.lighttpd.net/projects/1/wiki/Docs_ModUserTrack. After compilation the when i start the lighttpd using the command lighttpd -f /etc/lighttpd.conf getting the below error.
lighttpd -f /etc/lighttpd.conf
2024-05-27 11:41:41: (../src/plugin.c.221) dlopen() failed for: /usr/lib/lighttpd/mod_usertrack.so /usr/lib/lighttpd/mod_usertrack.so: cannot open shared object file: No such file or directory
2024-05-27 11:41:41: (../src/server.c.1646) loading plugins finally failed
Thanks in Advance.
Updated by gstrauss 10 months ago ยท Edited
- Status changed from New to Invalid
- Target version deleted (
1.4.xx)
Can you help me in doing this.
Ask questions in the Forums.
Ask questions in the Forums.
Ask questions in the Forums.
Do not post questions here.
Read the doc more carefully.
The FIRST line under Description on Docs_ModUserTrack says: DEPRECATED mod_usertrack should be replaced with lua mod_usertrack
Then again, mod_usertrack seemingly has nothing to do with fixing whatever happens to be your XSS issue. Add the SameSite attribute to whatever is generating cookies on your site.
Also available in: Atom