Merge branch 'QA_5_1'

Signed-off-by: William Desportes <williamdes@wdes.fr>
phpmyadmin · Jul 22, 2021 · 5b8cd0f · 5b8cd0f
2 parents 7e567be + be64a4f
commit 5b8cd0f
Show file tree

Hide file tree

Showing 2 changed files with 7 additions and 2 deletions.
diff --git a/libraries/classes/Session.php b/libraries/classes/Session.php
@@ -183,7 +183,7 @@ public static function setUp(Config $config, ErrorHandler $errorHandler)
         ini_set('session.cookie_httponly', '1');
         if (PHP_VERSION_ID >= 70300) {
             // add SameSite to the session cookie
-            ini_set('session.cookie_samesite', $config->get('CookieSameSite'));
+            ini_set('session.cookie_samesite', $config->get('CookieSameSite') ?? '');
         }
 
         // do not force transparent session ids

diff --git a/libraries/config.default.php b/libraries/config.default.php
@@ -786,7 +786,12 @@
 /**
  * sets SameSite attribute of the Set-Cookie HTTP response header
  *
- * @global boolean $cfg['CookieSameSite']
+ * Valid values are:
+ *    - Lax
+ *    - Strict
+ *    - None
+ *
+ * @global string $cfg['CookieSameSite']
  */
  $cfg['CookieSameSite'] = 'Strict';