Skip to content
Permalink
Browse files

SessionExtension: accepts 'cookieSamesite = true'

  • Loading branch information...
dg committed Mar 9, 2019
1 parent e358c66 commit 5abc28d01e5f6879564e08247a52af1cd21220d3
Showing with 6 additions and 2 deletions.
  1. +3 −0 src/Bridges/HttpDI/SessionExtension.php
  2. +3 −2 tests/Http.DI/SessionExtension.config.phpt
@@ -59,6 +59,9 @@ public function loadConfiguration()
if (($config['cookieSecure'] ?? null) === 'auto') {
$config['cookieSecure'] = $builder::literal('$this->getByType(Nette\Http\IRequest::class)->isSecured()');
}
if (($config['cookieSamesite'] ?? null) === true) {
$config['cookieSamesite'] = 'Lax';
}
if ($this->debugMode && $config['debugger']) {
$session->addSetup('@Tracy\Bar::addPanel', [
@@ -25,6 +25,7 @@ session:
cookiePath: /x
cookieDomain: domain
cookieSecure: yes
cookieSamesite: true
services:
foo.request: Nette\Http\Request(Nette\Http\UrlScript("http://www.nette.org"))
@@ -37,7 +38,7 @@ $container->getService('session')->start();
Assert::same(
PHP_VERSION_ID >= 70300
? ['lifetime' => 0, 'path' => '/x', 'domain' => 'nette.org', 'secure' => true, 'httponly' => true, 'samesite' => '']
: ['lifetime' => 0, 'path' => '/x', 'domain' => 'nette.org', 'secure' => true, 'httponly' => true],
? ['lifetime' => 0, 'path' => '/x', 'domain' => 'nette.org', 'secure' => true, 'httponly' => true, 'samesite' => 'Lax']
: ['lifetime' => 0, 'path' => '/x; SameSite=Lax', 'domain' => 'nette.org', 'secure' => true, 'httponly' => true],
session_get_cookie_params()
);

0 comments on commit 5abc28d

Please sign in to comment.
You can’t perform that action at this time.