author | George Petculescu <gxgpet@gmail.com> | 2021-02-28 19:10:00 +0100 |
committer | George Petculescu <gxgpet@gmail.com> | 2021-02-28 19:10:00 +0100 |
commit | eb770fdc6d809bc7c28d499f897c0ab2c449f669 (patch) | |
tree | 986bb277c33cea343b16071533d46598e9d91515 /system/core | |
parent | 324628c27ca82e89d5e3a85034127835d29dd9fc (diff) |
Initial implementation of samesite for CI_Input::set_cookie
Diffstat (limited to 'system/core')
-rw-r--r-- | system/core/Input.php | 25 |
1 files changed, 22 insertions, 3 deletions
diff --git a/system/core/Input.php b/system/core/Input.php
index 30d528b89..a7f4edee9 100644
--- a/system/core/Input.php
+++ b/system/core/Input.php
@@ -300,14 +300,15 @@ class CI_Input {
 * @param string $prefix Cookie name prefix
 * @param bool $secure Whether to only transfer cookies via SSL
 * @param bool $httponly Whether to only makes the cookie accessible via HTTP (no javascript)
+ * @param string $samesite SameSite attribute. NULL will avoid sending the attribute
 * @return void
 */
- public function set_cookie($name, $value = '', $expire = 0, $domain = '', $path = '/', $prefix = '', $secure = NULL, $httponly = NULL)
+ public function set_cookie($name, $value = '', $expire = 0, $domain = '', $path = '/', $prefix = '', $secure = NULL, $httponly = NULL, $samesite = NULL)
 {
 if (is_array($name))
 {
 // always leave 'name' in last place, as the loop will break otherwise, due to $$item
- foreach (array('value', 'expire', 'domain', 'path', 'prefix', 'secure', 'httponly', 'name') as $item)
+ foreach (array('value', 'expire', 'domain', 'path', 'prefix', 'secure', 'httponly', 'name', 'samesite') as $item)
 {
 if (isset($name[$item]))
 {
@@ -348,7 +349,25 @@ class CI_Input {
 $expire = ($expire > 0) ? time() + $expire : 0;
 }
 
- setcookie($prefix.$name, $value, $expire, $path, $domain, $secure, $httponly);
+ if ($samesite === NULL && config_item('cookie_samesite') !== NULL)
+ {
+ $samesite = strtolower(config_item('cookie_samesite'));
+ }
+ elseif ($samesite !== NULL)
+ {
+ $samesite = strtolower($samesite);
+ }
+
+ if ( ! in_array($samesite, array('lax', 'strict', 'none', NULL), TRUE))
+ {
+ $samesite = NULL;
+ }
+
+ $cookie_header = 'Set-Cookie: '.$prefix.$name.'='.rawurlencode($value);
+ $cookie_header .= ($expire === 0 ? '' : '; expires='.gmdate('D, d-M-Y H:i:s T', 0));
+ $cookie_header .= '; path='.$path.($domain !== '' ? '; domain='.$domain : '');
+ $cookie_header .= ($secure ? '; secure' : '').($httponly ? '; HttpOnly' : '').($samesite !== NULL ? '; SameSite='.$samesite : '');
+ header($cookie_header);
 }
 
 // --------------------------------------------------------------------
|
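Review bot: The `expires` attribute is built from timestamp `0` rather than `$expire`, so every cookie given a non-zero lifetime is sent as already expired at the epoch and the browser discards it; the line should read `$cookie_header .= ($expire === 0 ? '' : '; expires='.gmdate('D, d-M-Y H:i:s T', $expire));`. The final `header($cookie_header);` call also uses the default replace mode, so a second `set_cookie()` in the same request overwrites the first `Set-Cookie` header instead of adding one — `header($cookie_header, FALSE);` is needed to keep the behaviour of the removed `setcookie()` call. A `SameSite=none` value is emitted without regard to `$secure`, and current browsers reject SameSite=None cookies that lack the Secure attribute, so either forcing `$secure` or logging a configuration error in that case seems worth adding. Note too that the replaced `setcookie()` validated the cookie name for illegal characters, while the hand-built header does not; whether PHP's own `header()` checks are sufficient here is something to confirm. The body of set_cookie starts outside this hunk.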