Merge pull request #19 from anhofmann/master

don't expose sessionID to other domains

Author: amenk

src/UrlGeneratorService.php

@@ -13,6 +13,11 @@ private function addSid(string $url, ?\Illuminate\Routing\Route $route = null):
             return $url;
         }
 
+        // Don't expose sessionID to other Domains
+        if(parse_url($url, PHP_URL_HOST) != parse_url(\Config::get('app.url'))) {
+            return $url;
+        }
+
         // Get the current query string and parameters
         $queryString = parse_url($url, PHP_URL_QUERY) ?? '';
         parse_str($queryString, $queryParameters);