summaryrefslogtreecommitdiffstats
path: root/system/libraries/Session/Session_driver.php
diff options
context:
space:
mode:
authorAndrey Andreev <narf@devilix.net>2022-01-05 17:52:24 +0100
committerAndrey Andreev <narf@devilix.net>2022-01-05 17:52:24 +0100
commit1a2651040ef701e750b1c13cd69cc70814b079d0 (patch)
tree50d2317b96af4f26945f8a1f8a59c37629ce4586 /system/libraries/Session/Session_driver.php
parentf370f2c042905e521fa3a25283f7e275606a8724 (diff)
Add SameSite cookie support to Session library
Diffstat (limited to 'system/libraries/Session/Session_driver.php')
-rw-r--r--system/libraries/Session/Session_driver.php24
1 files changed, 19 insertions, 5 deletions
diff --git a/system/libraries/Session/Session_driver.php b/system/libraries/Session/Session_driver.php
index d78492b5e..b1b1b073e 100644
--- a/system/libraries/Session/Session_driver.php
+++ b/system/libraries/Session/Session_driver.php
@@ -140,14 +140,28 @@ abstract class CI_Session_driver {
*/
protected function _cookie_destroy()
{
+ if ( ! is_php('7.3'))
+ {
+ $header = 'Set-Cookie: '.$this->_config['cookie_name'].'=';
+ $header .= '; Expires='.gmdate('D, d-M-Y H:i:s T', 1).'; Max-Age=-1';
+ $header .= '; Path='.$this->_config['cookie_path'];
+ $header .= ($this->_config['cookie_domain'] !== '' ? '; Domain='.$this->_config['cookie_domain'] : '');
+ $header .= ($this->_config['cookie_secure'] ? '; Secure' : '').'; HttpOnly; SameSite='.$this->_config['cookie_samesite'];
+ header($header);
+ return;
+ }
+
return setcookie(
$this->_config['cookie_name'],
NULL,
- 1,
- $this->_config['cookie_path'],
- $this->_config['cookie_domain'],
- $this->_config['cookie_secure'],
- TRUE
+ array(
+ 'expires' => 1,
+ 'path' => $this->_config['cookie_path'],
+ 'domain' => $this->_config['cookie_domain'],
+ 'secure' => $this->_config['cookie_secure'],
+ 'httponly' => TRUE,
+ 'samesite' => $this->_config['cookie_samesite']
+ )
);
}