Cookie Security

Cookies should be secured to prevent attacks.

Important security options:

• HttpOnly
• Secure
• SameSite

Example

setcookie(
    "session",
    "abc123",
    [
        "expires" => time()+3600,
        "secure" => true,
        "httponly" => true,
        "samesite" => "Strict"
    ]
);