Skip to content

Commit

Permalink
Merge pull request #201 from halilsafakkilic/master
Browse files Browse the repository at this point in the history 
Added None to the allowed SameSite parameters in toHeader method.
  • Loading branch information
@l0gicgate
l0gicgate committed Sep 21, 2021
2 parents b7d40be + ad10498 commit 3f07ae4
Show file tree
Hide file tree
Showing 2 changed files with 8 additions and 1 deletion.
2 changes: 1 addition & 1 deletion src/Cookies.php
View file
Original file line number Diff line number Diff line change
Expand Up @@ -170,7 +170,7 @@ protected function toHeader(string $name, array $properties): string
$result .= '; HttpOnly';
}

if (isset($properties['samesite']) && in_array(strtolower($properties['samesite']), ['lax', 'strict'], true)) {
if (isset($properties['samesite']) && in_array(strtolower($properties['samesite']), ['lax', 'strict', 'none'], true)) {
// While strtolower is needed for correct comparison, the RFC doesn't care about case
$result .= '; SameSite=' . $properties['samesite'];
}
Expand Down
7 changes: 7 additions & 0 deletions tests/CookiesTest.php
View file
Original file line number Diff line number Diff line change
Expand Up @@ -275,4 +275,11 @@ public function testParseHeaderException()

Cookies::parseHeader(new stdClass());
}

public function testSetSameSiteNoneToHeaders()
{
$cookies = new Cookies();
$cookies->set('foo', ['value' => 'bar', 'samesite' => 'None']);
$this->assertEquals('foo=bar; SameSite=None', $cookies->toHeaders()[0]);
}
}

0 comments on commit 3f07ae4

Please sign in to comment.