Cherry pick 43504 into release/8.5 (#43559)

* Limit cookie dedupe logic to only WooCommerce Cart cookies (#43504) * limit check to only Woo cookies * limit logic to woo cookies only * add changelog * no need for set-cookie prefix * Prep for cherry pick 43504 --------- Co-authored-by: Seghir Nadir <nadir.seghir@gmail.com> Co-authored-by: WooCommerce Bot <no-reply@woo.com>
woocommerce · Jan 12, 2024 · b5b31c0 · b5b31c0
1 parent df9d02e
commit b5b31c0
Show file tree

Hide file tree

Showing 2 changed files with 36 additions and 10 deletions.
diff --git a/plugins/woocommerce/includes/class-wc-cart-session.php b/plugins/woocommerce/includes/class-wc-cart-session.php
@@ -272,27 +272,52 @@ public function maybe_set_cart_cookies() {
 	 * Remove duplicate cookies from the response.
 	 */
 	private function dedupe_cookies() {
+		$all_cookies    = array_filter(
+			headers_list(),
+			function( $header ) {
+				return stripos( $header, 'Set-Cookie:' ) !== false;
+			}
+		);
 		$final_cookies  = array();
 		$update_cookies = false;
+		foreach ( $all_cookies as $cookie ) {
 
-		foreach ( headers_list() as $header ) {
-			if ( stripos( $header, 'Set-Cookie:' ) === false ) {
-				continue;
-			}
-			list(, $cookie_value)             = explode( ':', $header, 2 );
+			list(, $cookie_value)             = explode( ':', $cookie, 2 );
 			list($cookie_name, $cookie_value) = explode( '=', trim( $cookie_value ), 2 );
-			if ( array_key_exists( $cookie_name, $final_cookies ) ) {
-				$update_cookies = true;
+
+			if ( stripos( $cookie_name, 'woocommerce_' ) !== false ) {
+				$key = $this->find_cookie_by_name( $cookie_name, $final_cookies );
+				if ( false !== $key ) {
+					$update_cookies = true;
+					unset( $final_cookies[ $key ] );
+				}
 			}
-			$final_cookies[ $cookie_name ] = $cookie_value;
+			$final_cookies[] = $cookie;
 		}
+
 		if ( $update_cookies ) {
 			header_remove( 'Set-Cookie' );
-			foreach ( $final_cookies as $cookie_name => $cookie_value ) {
+			foreach ( $final_cookies as $cookie ) {
 				// Using header here preserves previous cookie args.
-				header( "Set-Cookie: {$cookie_name}={$cookie_value}", false );
+				header( $cookie, false );
+			}
+		}
+	}
+
+	/**
+	 * Find a cookie by name in an array of cookies.
+	 *
+	 * @param  string $cookie_name Name of the cookie to find.
+	 * @param  array  $cookies     Array of cookies to search.
+	 * @return mixed               Key of the cookie if found, false if not.
+	 */
+	private function find_cookie_by_name( $cookie_name, $cookies ) {
+		foreach ( $cookies as $key => $cookie ) {
+			if ( strpos( $cookie, $cookie_name ) !== false ) {
+				return $key;
 			}
 		}
+		return false;
 	}
 
 	/**

diff --git a/plugins/woocommerce/readme.txt b/plugins/woocommerce/readme.txt
@@ -175,6 +175,7 @@ WooCommerce comes with some sample data you can use to see how products look; im
 
 **WooCommerce**
 
+* Fix - Limit cookie deduping to WooCommerce cookies only. [#43504](https://github.com/woocommerce/woocommerce/pull/43504)
 * Fix - Fix WooCommerce Settings and Analytics commands with tags breaking the command palette [#43269](https://github.com/woocommerce/woocommerce/pull/43269)
 * Fix - Fix fatal error. Do not access change_feature_enable() statically. [#43428](https://github.com/woocommerce/woocommerce/pull/43428)