Update library/Zend/Http/Header/SetCookie.php #2421

Closed
wants to merge 2 commits into
from
View
2 library/Zend/Http/Header/SetCookie.php
@@ -487,7 +487,7 @@ public function isSessionCookie()
public function isValidForRequest($requestDomain, $path, $isSecure = false)
{
- if ($this->getDomain() && (strrpos($requestDomain, $this->getDomain()) !== false)) {
+ if ($this->getDomain() && (strrpos($requestDomain, $this->getDomain()) === false)) {
return false;
}
View
14 tests/ZendTest/Http/Header/SetCookieTest.php
@@ -153,7 +153,19 @@ public function testSetCookieCanAppendOtherHeadersInWhenCreatingString()
$this->assertEquals($target, $headerLine);
}
- /** Implmentation specific tests here */
+ public function testIsValidForRequestSubdomainMatch()
+ {
+ $setCookieHeader = new SetCookie(
+ 'myname', 'myvalue', 'Wed, 13-Jan-2021 22:23:01 GMT',
+ '/accounts', '.foo.com', true, true, 99, 9
+ );
+ $this->assertTrue($setCookieHeader->isValidForRequest('bar.foo.com', '/accounts', true));
+ $this->assertFalse($setCookieHeader->isValidForRequest('bar.foooo.com', '/accounts', true)); // false because of domain
+ $this->assertFalse($setCookieHeader->isValidForRequest('bar.foo.com', '/accounts', false)); // false because of isSecure
+ $this->assertFalse($setCookieHeader->isValidForRequest('bar.foo.com', '/somethingelse', true)); // false because of path
+ }
+
+ /** Implementation specific tests here */
/**
* @group ZF2-169