Merge branch '3.1-stable' into develop

1 files changed, 21 insertions, 16 deletions

diff --git a/system/core/Input.php b/system/core/Input.php
index 71f28221f..0beb252ed 100644
--- a/system/core/Input.php
+++ b/system/core/Input.php
@@ -365,26 +365,31 @@ class CI_Input {
 			log_message('error', $name.' cookie sent with SameSite=None, but without Secure attribute.');
 		}
 
-		if (is_php('7.3'))
-		{
-			$setcookie_options = array(
-				'expires' => $expire,
-				'path' => $path,
-				'domain' => $domain,
-				'secure' => $secure,
-				'httponly' => $httponly,
-				'samesite' => $samesite,
-			);
-			setcookie($prefix.$name, $value, $setcookie_options);
-		}
-		else
+		if ( ! is_php('7.3'))
 		{
+			$maxage = $expire - time();
+			if ($maxage < 1)
+			{
+				$maxage = 0;
+			}
+
 			$cookie_header = 'Set-Cookie: '.$prefix.$name.'='.rawurlencode($value);
-			$cookie_header .= ($expire === 0 ? '' : '; expires='.gmdate('D, d-M-Y H:i:s T', $expire));
-			$cookie_header .= '; path='.$path.($domain !== '' ? '; domain='.$domain : '');
-			$cookie_header .= ($secure ? '; secure' : '').($httponly ? '; HttpOnly' : '').'; SameSite='.$samesite;
+			$cookie_header .= ($expire === 0 ? '' : '; Expires='.gmdate('D, d-M-Y H:i:s T', $expire)).'; Max-Age='.$maxage;
+			$cookie_header .= '; Path='.$path.($domain !== '' ? '; Domain='.$domain : '');
+			$cookie_header .= ($secure ? '; Secure' : '').($httponly ? '; HttpOnly' : '').'; SameSite='.$samesite;
 			header($cookie_header);
+			return;
 		}
+
+		$setcookie_options = array(
+			'expires' => $expire,
+			'path' => $path,
+			'domain' => $domain,
+			'secure' => $secure,
+			'httponly' => $httponly,
+			'samesite' => $samesite,
+		);
+		setcookie($prefix.$name, $value, $setcookie_options);
 	}
 
 	// --------------------------------------------------------------------