Add samesite attribute to session cookie after session migration
This commit is contained in:
parent
4bc1cc7e43
commit
df903005c1
@ -222,6 +222,13 @@ class NativeSessionStorage implements SessionStorageInterface
|
||||
// @see https://bugs.php.net/bug.php?id=70013
|
||||
$this->loadSession();
|
||||
|
||||
if (null !== $this->emulateSameSite) {
|
||||
$originalCookie = SessionUtils::popSessionCookie(session_name(), session_id());
|
||||
if (null !== $originalCookie) {
|
||||
header(sprintf('%s; SameSite=%s', $originalCookie, $this->emulateSameSite));
|
||||
}
|
||||
}
|
||||
|
||||
return $isRegenerated;
|
||||
}
|
||||
|
||||
|
@ -0,0 +1,23 @@
|
||||
open
|
||||
validateId
|
||||
read
|
||||
doRead:
|
||||
read
|
||||
destroy
|
||||
close
|
||||
open
|
||||
validateId
|
||||
read
|
||||
doRead:
|
||||
read
|
||||
|
||||
write
|
||||
doWrite: foo|s:3:"bar";
|
||||
close
|
||||
Array
|
||||
(
|
||||
[0] => Content-Type: text/plain; charset=utf-8
|
||||
[1] => Cache-Control: max-age=0, private, must-revalidate
|
||||
[2] => Set-Cookie: sid=random_session_id; path=/; secure; HttpOnly; SameSite=lax
|
||||
)
|
||||
shutdown
|
@ -0,0 +1,15 @@
|
||||
<?php
|
||||
|
||||
require __DIR__.'/common.inc';
|
||||
|
||||
use Symfony\Component\HttpFoundation\Session\Storage\NativeSessionStorage;
|
||||
|
||||
$storage = new NativeSessionStorage(array('cookie_samesite' => 'lax'));
|
||||
$storage->setSaveHandler(new TestSessionHandler());
|
||||
$storage->start();
|
||||
|
||||
$_SESSION = array('foo' => 'bar');
|
||||
|
||||
$storage->regenerate(true);
|
||||
|
||||
ob_start(function ($buffer) { return preg_replace('~_sf2_meta.*$~m', '', str_replace(session_id(), 'random_session_id', $buffer)); });
|
Reference in New Issue
Block a user