HttpExtension: added option 'disableNetteCookie' [Closes #205]

src/Bridges/HttpDI/HttpExtension.php

@@ -43,6 +43,7 @@ public function getConfigSchema(): Nette\Schema\Schema
 			'cookiePath' => Expect::string(),
 			'cookieDomain' => Expect::string(),
 			'cookieSecure' => Expect::anyOf('auto', null, true, false)->firstIsDefault(), // Whether the cookie is available only through HTTPS
+			'disableNetteCookie' => Expect::bool(false), // disables cookie use by Nette
 		]);
 	}
 
@@ -133,10 +134,12 @@ private function sendHeaders()
 			}
 		}
 
-		$this->initialization->addBody(
-			'Nette\Http\Helpers::initCookie($this->getService(?), $response);',
-			[$this->prefix('request')]
-		);
+		if (!$config->disableNetteCookie) {
+			$this->initialization->addBody(
+				'Nette\Http\Helpers::initCookie($this->getService(?), $response);',
+				[$this->prefix('request')]
+			);
+		}
 	}
 
 

tests/Http.DI/HttpExtension.sameSiteProtection.disabled.phpt

@@ -0,0 +1,32 @@
+<?php
+
+declare(strict_types=1);
+
+use Nette\Bridges\HttpDI\HttpExtension;
+use Nette\DI;
+use Tester\Assert;
+
+
+require __DIR__ . '/../bootstrap.php';
+
+if (PHP_SAPI === 'cli') {
+	Tester\Environment::skip('Headers are not testable in CLI mode');
+}
+
+
+$compiler = new DI\Compiler;
+$compiler->addExtension('http', new HttpExtension);
+$loader = new DI\Config\Loader;
+$config = $loader->load(Tester\FileMock::create(<<<'EOD'
+http:
+	disableNetteCookie: yes
+EOD
+, 'neon'));
+
+eval($compiler->addConfig($config)->compile());
+
+$container = new Container;
+$container->initialize();
+
+$headers = headers_list();
+Assert::notContains('Set-Cookie: _nss=1', implode('', $headers));