bug #23426 Fixed HttpOnly flag when using Cookie::fromString() (Toflar)
This PR was merged into the 3.3 branch.
Discussion
----------
Fixed HttpOnly flag when using Cookie::fromString()
| Q | A
| ------------- | ---
| Branch? | 3.3
| Bug fix? | yes
| New feature? | no
| BC breaks? | no
| Deprecations? | no
| Tests pass? | yes
| Fixed tickets | #23424
| License | MIT
| Doc PR | -
Using `Cookie::fromString()` should not set the `HttpOnly` flag to `true` by default. This is a factory method and it should create an instance of `Cookie` that represents exactly what the string contains.
Commits
-------
73187d0003
Preserve HttpOnly value when deserializing a header
This commit is contained in:
commit
71c6f9962b
@ -46,7 +46,7 @@ class Cookie
|
||||
'path' => '/',
|
||||
'domain' => null,
|
||||
'secure' => false,
|
||||
'httponly' => true,
|
||||
'httponly' => false,
|
||||
'raw' => !$decode,
|
||||
'samesite' => null,
|
||||
);
|
||||
|
@ -200,6 +200,15 @@ class CookieTest extends TestCase
|
||||
$this->assertEquals(new Cookie('foo', 'bar', strtotime('Fri, 20-May-2011 15:25:52 GMT'), '/', '.myfoodomain.com', true, true, true), $cookie);
|
||||
|
||||
$cookie = Cookie::fromString('foo=bar', true);
|
||||
$this->assertEquals(new Cookie('foo', 'bar'), $cookie);
|
||||
$this->assertEquals(new Cookie('foo', 'bar', 0, '/', null, false, false), $cookie);
|
||||
}
|
||||
|
||||
public function testFromStringWithHttpOnly()
|
||||
{
|
||||
$cookie = Cookie::fromString('foo=bar; expires=Fri, 20-May-2011 15:25:52 GMT; path=/; domain=.myfoodomain.com; secure; httponly');
|
||||
$this->assertTrue($cookie->isHttpOnly());
|
||||
|
||||
$cookie = Cookie::fromString('foo=bar; expires=Fri, 20-May-2011 15:25:52 GMT; path=/; domain=.myfoodomain.com; secure');
|
||||
$this->assertFalse($cookie->isHttpOnly());
|
||||
}
|
||||
}
|
||||
|
@ -241,12 +241,12 @@ class ResponseHeaderBagTest extends TestCase
|
||||
{
|
||||
$bag = new ResponseHeaderBag();
|
||||
$bag->set('set-cookie', 'foo=bar');
|
||||
$this->assertEquals(array(new Cookie('foo', 'bar', 0, '/', null, false, true, true)), $bag->getCookies());
|
||||
$this->assertEquals(array(new Cookie('foo', 'bar', 0, '/', null, false, false, true)), $bag->getCookies());
|
||||
|
||||
$bag->set('set-cookie', 'foo2=bar2', false);
|
||||
$this->assertEquals(array(
|
||||
new Cookie('foo', 'bar', 0, '/', null, false, true, true),
|
||||
new Cookie('foo2', 'bar2', 0, '/', null, false, true, true),
|
||||
new Cookie('foo', 'bar', 0, '/', null, false, false, true),
|
||||
new Cookie('foo2', 'bar2', 0, '/', null, false, false, true),
|
||||
), $bag->getCookies());
|
||||
|
||||
$bag->remove('set-cookie');
|
||||
|
Reference in New Issue
Block a user