# HG changeset patch
# User Matti Hamalainen <ccr@tnsp.org>
# Date 1606969568 -7200
# Node ID 5a902083a2165f612b347a34a3b3a370a55d62ad
# Parent  9f2e0e797abe86054289fef7e06ec3a1c2267364
Use PHP cookie options array and set SameSite policy.

diff -r 9f2e0e797abe -r 5a902083a216 index.php
--- a/index.php	Thu Oct 29 08:10:53 2020 +0200
+++ b/index.php	Thu Dec 03 06:26:08 2020 +0200
@@ -43,7 +43,16 @@
 if (isset($_GET["css"]))
 {
   $pageCSSIndex = intval($_GET["css"]);
-  setcookie($pageCSSCookie, $pageCSSIndex, time() + 365*24*60*60, "/"); // expire in a year
+
+  $coptions = [
+    "expires"  => time() + 365*24*60*60,
+    "path"     => "/",
+    "samesite" => "Strict",
+    "secure"   => false,
+    "httponly" => false,
+  ];
+
+  setcookie($pageCSSCookie, $pageCSSIndex, $coptions);
 }
 else
 {