From 2d4ddf57cc64f37a76e53403bc1442a54cc01897 Mon Sep 17 00:00:00 2001
From: Andrey Andreev <narf@devilix.net>
Date: Sat, 8 Jan 2022 17:02:48 +0200
Subject: [ci skip] Attempt to hack SameSite into session_set_cookie_params()
 pre-PHP7.3

---
 system/libraries/Session/Session.php | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

(limited to 'system')

diff --git a/system/libraries/Session/Session.php b/system/libraries/Session/Session.php
index 9d4561616..8d3ba2857 100644
--- a/system/libraries/Session/Session.php
+++ b/system/libraries/Session/Session.php
@@ -336,7 +336,7 @@ class CI_Session {
 		{
 			session_set_cookie_params(
 				$params['cookie_lifetime'],
-				$params['cookie_path'],
+				$params['cookie_path'].'; SameSite='.$params['cookie_samesite'],
 				$params['cookie_domain'],
 				$params['cookie_secure'],
 				TRUE // HttpOnly; Yes, this is intentional and not configurable for security reasons
-- 
cgit v1.2.3-24-g4f1b