Add samesite attribute to session cookie after session migration
parent
4bc1cc7e43
commit
df903005c1
@ -222,6 +222,13 @@ class NativeSessionStorage implements SessionStorageInterface
|
|||||||
// @see https://bugs.php.net/bug.php?id=70013
|
// @see https://bugs.php.net/bug.php?id=70013
|
||||||
$this->loadSession();
|
$this->loadSession();
|
||||||
|
|
||||||
|
if (null !== $this->emulateSameSite) {
|
||||||
|
$originalCookie = SessionUtils::popSessionCookie(session_name(), session_id());
|
||||||
|
if (null !== $originalCookie) {
|
||||||
|
header(sprintf('%s; SameSite=%s', $originalCookie, $this->emulateSameSite));
|
||||||
|
}
|
||||||
|
}
|
||||||
|
|
||||||
return $isRegenerated;
|
return $isRegenerated;
|
||||||
}
|
}
|
||||||
|
|
||||||
|
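Review bot: The `header()` call added inside the `if (null !== $originalCookie)` branch relies on PHP's default `replace = true`, so emitting the rewritten session cookie replaces every `Set-Cookie` header already queued for the response, not only the session one. A cookie the application set earlier in the request would then be dropped without any error. Pass `false` as the second argument: `header(sprintf('%s; SameSite=%s', $originalCookie, $this->emulateSameSite), false);`. This assumes `SessionUtils::popSessionCookie()` leaves the other `Set-Cookie` headers in place, which cannot be confirmed because its body is not shown here. The enclosing method starts above the hunk.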
@ -0,0 +1,23 @@
|
|||||||
|
open
|
||||||
|
validateId
|
||||||
|
read
|
||||||
|
doRead:
|
||||||
|
read
|
||||||
|
destroy
|
||||||
|
close
|
||||||
|
open
|
||||||
|
validateId
|
||||||
|
read
|
||||||
|
doRead:
|
||||||
|
read
|
||||||
|
|
||||||
|
write
|
||||||
|
doWrite: foo|s:3:"bar";
|
||||||
|
close
|
||||||
|
Array
|
||||||
|
(
|
||||||
|
[0] => Content-Type: text/plain; charset=utf-8
|
||||||
|
[1] => Cache-Control: max-age=0, private, must-revalidate
|
||||||
|
[2] => Set-Cookie: sid=random_session_id; path=/; secure; HttpOnly; SameSite=lax
|
||||||
|
)
|
||||||
|
shutdown
|
@ -0,0 +1,15 @@
|
|||||||
|
<?php
|
||||||
|
|
||||||
|
require __DIR__.'/common.inc';
|
||||||
|
|
||||||
|
use Symfony\Component\HttpFoundation\Session\Storage\NativeSessionStorage;
|
||||||
|
|
||||||
|
$storage = new NativeSessionStorage(array('cookie_samesite' => 'lax'));
|
||||||
|
$storage->setSaveHandler(new TestSessionHandler());
|
||||||
|
$storage->start();
|
||||||
|
|
||||||
|
$_SESSION = array('foo' => 'bar');
|
||||||
|
|
||||||
|
$storage->regenerate(true);
|
||||||
|
|
||||||
|
ob_start(function ($buffer) { return preg_replace('~_sf2_meta.*$~m', '', str_replace(session_id(), 'random_session_id', $buffer)); });
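Review bot: This script sets no cookie other than the session one before `$storage->regenerate(true)`, so the expected output cannot show whether unrelated `Set-Cookie` headers survive the SameSite rewrite. Adding an unrelated cookie before the regenerate call, e.g. `setcookie('other', 'value');` (name constructed for illustration), and listing it in the expected-output fixture would pin that behaviour. A one-line comment above the `ob_start()` callback, such as `// Mask the random session id and strip the _sf2_meta payload so the output is stable`, would also help readers of the fixture.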
|