bug #33927 Allow to set SameSite config to 'none' (ihmels)
This PR was merged into the 4.3 branch.
Discussion
----------
Allow to set SameSite config to 'none'
| Q | A
| ------------- | ---
| Branch? | 4.3
| Bug fix? | yes
| New feature? | no
| Deprecations? | no
| Tickets | Fix #33926
| License | MIT
| Doc PR | -
Commits
-------
eec7e8cc61 Allow to set cookie_samesite to 'none'
This commit is contained in:
Nicolas Grekas
commit
ac422dbd07
@ -542,7 +542,7 @@ class Configuration implements ConfigurationInterface
|
||||
->scalarNode('cookie_domain')->end()
|
||||
->enumNode('cookie_secure')->values([true, false, 'auto'])->end()
|
||||
->booleanNode('cookie_httponly')->defaultTrue()->end()
|
||||
->enumNode('cookie_samesite')->values([null, Cookie::SAMESITE_LAX, Cookie::SAMESITE_STRICT])->defaultNull()->end()
|
||||
->enumNode('cookie_samesite')->values([null, Cookie::SAMESITE_LAX, Cookie::SAMESITE_STRICT, Cookie::SAMESITE_NONE])->defaultNull()->end()
|
||||
->booleanNode('use_cookies')->end()
|
||||
->scalarNode('gc_divisor')->end()
|
||||
->scalarNode('gc_probability')->defaultValue(1)->end()
|
||||
|
||||
@ -144,7 +144,7 @@ class RememberMeFactory implements SecurityFactoryInterface
|
||||
if ('secure' === $name) {
|
||||
$builder->enumNode($name)->values([true, false, 'auto'])->defaultValue('auto' === $value ? null : $value);
|
||||
} elseif ('samesite' === $name) {
|
||||
$builder->enumNode($name)->values([null, Cookie::SAMESITE_LAX, Cookie::SAMESITE_STRICT])->defaultValue($value);
|
||||
$builder->enumNode($name)->values([null, Cookie::SAMESITE_LAX, Cookie::SAMESITE_STRICT, Cookie::SAMESITE_NONE])->defaultValue($value);
|
||||
} elseif (\is_bool($value)) {
|
||||
$builder->booleanNode($name)->defaultValue($value);
|
||||
} else {
|
||||
|
||||
Reference in New Issue
Block a user