Skip to content

Commit

Permalink
Merge pull request #15 from albertborsos/hotfix-cookie-management-on-…
Browse files Browse the repository at this point in the history 
…http-domains

fix cookie management on http domains
hide consent bar if cookie settings form is submitted
mark Component::cookieHttpOnly as deprecated
  • Loading branch information
@albertborsos
albertborsos committed May 15, 2019
2 parents d70dc98 + a9776d7 commit 784175f
Show file tree
Hide file tree
Showing 4 changed files with 54 additions and 9 deletions.
43 changes: 42 additions & 1 deletion src/Component.php
View file
Expand Up @@ -35,6 +35,7 @@ class Component extends \yii\base\Component implements CategoryInterface, Cookie
];

const COOKIE_OPTION_PREFIX = 'cookieconsent_option_';
const COOKIECONSENT_STATUS = 'cookieconsent_status';

/**
* Suggested format in config:
Expand Down Expand Up @@ -109,6 +110,7 @@ class Component extends \yii\base\Component implements CategoryInterface, Cookie
/**
* this value will be passed to `setcookie()` method.
* @var string
* @deprecated since `1.2.4` because if it has a `true` value then CookieConsent library cannot manage the cookies from the frontend it they are set via form submission
*/
public $cookieHttpOnly = false;

Expand Down Expand Up @@ -212,7 +214,7 @@ public function getCategories()
*/
public function setStatus($status = null)
{
$this->_status = $status ?: ArrayHelper::getValue($_COOKIE, 'cookieconsent_status');
$this->_status = $status ?: ArrayHelper::getValue($_COOKIE, self::COOKIECONSENT_STATUS);
}

/**
Expand Down Expand Up @@ -381,6 +383,19 @@ private function calculateDefaultCookieValue()
}
}

public function getNotAllowedTypeByComplianceType()
{
switch ($this->complianceType) {
case self::COMPLIANCE_TYPE_INFO:
case self::COMPLIANCE_TYPE_OPT_OUT:
return self::STATUS_DISMISSED;
break;
case self::COMPLIANCE_TYPE_OPT_IN:
return self::STATUS_DENIED;
break;
}
}

/**
* @return bool
*/
Expand Down Expand Up @@ -448,4 +463,30 @@ private function generateUrls()
$this->urlSettings = Url::to($this->urlSettings, true);
$this->urlPrivacyPolicy = Url::to($this->urlPrivacyPolicy, true);
}

public function removeCookieConfig($cookieName)
{
$cookieParts = [
$cookieName => '',
'Domain' => $this->getComponent()->cookieDomain,
'Path' => $this->getComponent()->cookiePath,
'Secure' => $this->getComponent()->cookieSecure,
'Expires' => 'Thu, 01 Jan 1970 00:00:01 GMT',
];

$settings = '';
foreach ($cookieParts as $attribute => $value) {
if ($value === false) {
continue;
}

if ($value === true) {
$settings .= ' ' . $attribute . ';';
} else {
$settings .= ' ' . $attribute . '=' . $value . ';';
}
}

return "'" . trim($settings) . "'";
}
}
13 changes: 8 additions & 5 deletions src/actions/CookieSettingsAction.php
View file
Expand Up @@ -59,13 +59,16 @@ private function registerAssets()
$component = CookieHelper::getComponent();

Yii::$app->view->registerJs("
$(document).on('click', '.cc-revoke-custom', function () {
var cookieNames = " . \yii\helpers\Json::encode($component->getCategories()) . ";
$(document).on('click', '.cc-revoke-custom', function (e) {
e.preventDefault();
var cookieNames = " . \yii\helpers\Json::encode($component->getCategories()) . ';
$.each(cookieNames, function(){
document.cookie = 'cookieconsent_option_' + this + '=; Domain=" . $component->cookieDomain . '; Path=' . $component->cookiePath . '; Secure=' . $component->cookieSecure . "; Expires=Thu, 01 Jan 1970 00:00:01 GMT;';
document.cookie = ' . $component->removeCookieConfig("cookieconsent_option_' + this + '") . ';
});
document.cookie = 'cookieconsent_status=; Domain=" . $component->cookieDomain . '; Path=' . $component->cookiePath . '; Secure=' . $component->cookieSecure . "; Expires=Thu, 01 Jan 1970 00:00:01 GMT;';
document.cookie = ' . $component->removeCookieConfig('cookieconsent_status') . ';
// update cookie settings page if cookieconsent status changed on this page
window.location.reload();
});
");
');
}
}
3 changes: 2 additions & 1 deletion src/domains/CookieSettingsDomain.php
View file
Expand Up @@ -38,8 +38,9 @@ private function storeSettingsInCookies()
$currentValue = ArrayHelper::getValue($_COOKIE, $name);
if ($currentValue !== $newValue) {
unset($_COOKIE[$name]);
setcookie($name, $newValue, $expireAt, $component->cookiePath, $component->cookieDomain, $component->cookieSecure, $component->cookieHttpOnly);
setcookie($name, $newValue, $expireAt, $component->cookiePath, $component->cookieDomain, $component->cookieSecure);
}
}
setcookie(Component::COOKIECONSENT_STATUS, $component->getNotAllowedTypeByComplianceType(), $expireAt, $component->cookiePath, $component->cookieDomain, $component->cookieSecure);
}
}
4 changes: 2 additions & 2 deletions src/widgets/CookieWidget.php
View file
Expand Up @@ -241,9 +241,9 @@ private function loadComponent()
private function getRemoveCookieJsExpression()
{
return new \yii\web\JsExpression('function(){
var cookieNames = ' . \yii\helpers\Json::encode($this->getComponent()->getCategories()) . ";
var cookieNames = ' . \yii\helpers\Json::encode($this->getComponent()->getCategories()) . ';
$.each(cookieNames, function(){
document.cookie = 'cookieconsent_option_' + this + '=; Domain=" . $this->getComponent()->cookieDomain . '; Path=' . $this->getComponent()->cookiePath . '; Secure=' . $this->getComponent()->cookieSecure . "; Expires=Thu, 01 Jan 1970 00:00:01 GMT;';
document.cookie = ' . $this->getComponent()->removeCookieConfig("cookieconsent_option_' + this + '") . ";
});
var currentUrl = window.location.href;
var policyUrl = '" . Url::to($this->policyLink, true) . "';
Expand Down

0 comments on commit 784175f

Please sign in to comment.