
크롬 브라우저 80버전 samesite 이슈 대응 코드

thisgun committed Jan 31, 2020
1 parent e672c33 commit b108ac159702f1862ecbd01299d422692763513a
Showing with 33 additions and 5 deletions.
  1. +33 −5 common.php
@@ -205,17 +205,45 @@ function sql_escape_string($str)
session_set_cookie_params(0, '/'); session_set_cookie_params(0, '/');
ini_set("session.cookie_domain", G5_COOKIE_DOMAIN); ini_set("session.cookie_domain", G5_COOKIE_DOMAIN);


@session_start();
//==============================================================================


//============================================================================== //==============================================================================
// 공용 변수 // 공용 변수
//------------------------------------------------------------------------------ //------------------------------------------------------------------------------
// 기본환경설정 // 기본환경설정
// 기본적으로 사용하는 필드만 얻은 후 상황에 따라 필드를 추가로 얻음 // 기본적으로 사용하는 필드만 얻은 후 상황에 따라 필드를 추가로 얻음
$config = sql_fetch(" select * from {$g5['config_table']} "); $config = sql_fetch(" select * from {$g5['config_table']} ");


// 본인인증 또는 쇼핑몰 사용시에만 secure; SameSite=None 로 설정합니다.
if( $config['cf_cert_use'] || (defined('G5_YOUNGCART_VER') && G5_YOUNGCART_VER) ) {
// Chrome 80 버전부터 아래 이슈 대응
// https://developers-kr.googleblog.com/2020/01/developers-get-ready-for-new.html?fbclid=IwAR0wnJFGd6Fg9_WIbQPK3_FxSSpFLqDCr9bjicXdzy--CCLJhJgC9pJe5ss
if(!function_exists('session_start_samesite')) {
function session_start_samesite($options = array())
{
$res = @session_start($options);

// IE 브라우저 또는 엣지브라우저 일때는 secure; SameSite=None 을 설정하지 않습니다.
if( preg_match('/Edge/i', $_SERVER['HTTP_USER_AGENT']) || preg_match('~MSIE|Internet Explorer~i', $_SERVER['HTTP_USER_AGENT']) || preg_match('~Trident/7.0(; Touch)?; rv:11.0~',$_SERVER['HTTP_USER_AGENT']) ){
return $res;
}

$headers = headers_list();
krsort($headers);
foreach ($headers as $header) {
if (!preg_match('~^Set-Cookie: PHPSESSID=~', $header)) continue;
$header = preg_replace('~; secure(; HttpOnly)?$~', '', $header) . '; secure; SameSite=None';
header($header, false);
break;
}
return $res;
}
}

session_start_samesite();
} else {
@session_start();
}
//==============================================================================

define('G5_HTTP_BBS_URL', https_url(G5_BBS_DIR, false)); define('G5_HTTP_BBS_URL', https_url(G5_BBS_DIR, false));
define('G5_HTTPS_BBS_URL', https_url(G5_BBS_DIR, true)); define('G5_HTTPS_BBS_URL', https_url(G5_BBS_DIR, true));
if ($config['cf_editor']) if ($config['cf_editor'])
@@ -645,4 +673,4 @@ function sql_escape_string($str)
header('Pragma: no-cache'); // HTTP/1.0 header('Pragma: no-cache'); // HTTP/1.0


$html_process = new html_process(); $html_process = new html_process();
?> ?>
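Review bot: In session_start_samesite() in the first hunk, `preg_replace('~; secure(; HttpOnly)?$~', '', $header)` strips a trailing `; HttpOnly` together with `; secure`, but only `; secure; SameSite=None` is appended again, so a session cookie configured with both flags is re-issued without HttpOnly and becomes readable from page script. Keeping the captured group preserves the flag: `$header = preg_replace('~; secure(; HttpOnly)?$~', '$1', $header) . '; secure; SameSite=None';`. The match on the literal `PHPSESSID=` also skips the rewrite whenever session.name is changed; `'~^Set-Cookie: ' . preg_quote(session_name(), '~') . '=~'` would follow the configured name. Because `header($header, false)` appends instead of replacing, the response carries two Set-Cookie lines for the session, and which one takes effect is left to the browser (presumably the later one).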
