Rename a documentation file

author: jvoisin 2019-01-09 20:55:25 +0100
committer: jvoisin 2019-01-09 20:55:25 +0100
commit: cc72d0659cd7f591cce779a4afda775bb8518242 (patch)
tree: 7a2146e54153a11329df81555d48742649de3903 /doc/source/cookies.rst
parent: 5e3ce30b1eadea34b6af1be46749b8f97540a9e2 (diff)
1 files changed, 142 insertions, 0 deletions
diff --git a/doc/source/cookies.rst b/doc/source/cookies.rst
new file mode 100644
index 0000000..856927d
--- /dev/null
+++ b/doc/source/cookies.rst
@@ -0,0 +1,142 @@
+.. _cookie-encryption-page:
+Cookies
+=======
+Some cookies-related features might prevent other extensions from hooking
+the `setcookie <https://secure.php.net/manual/en/function.setcookie.php>`__
+function. Pay attention to the loading order of your extensions in this case.
+auto_cookie_secure
+""""""""""""""""""
+ 
+:ref:`auto_cookie_secure <auto-cookie-secure-feature>`, disabled by default,
+will automatically mark cookies as `secure
+<https://en.wikipedia.org/wiki/HTTP_cookie#Secure_cookie>`_ when the web page
+is requested over HTTPS.
+It can either be ``enabled`` or ``disabled``.
+::
+  sp.auto_cookie_secure.enable();
+  sp.auto_cookie_secure.disable();
+cookie_samesite
+"""""""""""""""
+ 
+:ref:`samesite <samesite-feature>`, disabled by default, will add the `samesite
+<https://tools.ietf.org/html/draft-west-first-party-cookies-07>`_ attribute to
+cookies. It `prevents CSRF <https://www.owasp.org/index.php/SameSite>`_ but is
+not implemented by `all web browsers <https://caniuse.com/#search=samesite>`_
+yet.
+It can either be set to ``strict`` or ``lax``:
+- The ``lax`` attribute prevents cookies from being sent cross-domain for
+  "dangerous" methods, like ``POST``, ``PUT`` or ``DELETE``.
+- The ``strict`` one prevents any cookies from beind sent cross-domain.
+::
+  sp.cookie.name("cookie1").samesite("lax");
+  sp.cookie.name("cookie2").samesite("strict");;
+Cookie encryption
+"""""""""""""""""
+   
+The encryption is done via the `tweetnacl library <https://tweetnacl.cr.yp.to/>`_,
+thus using `curve25519 <https://en.wikipedia.org/wiki/Curve25519>`__, `xsalsa20 <https://en.wikipedia.org/wiki/Salsa20#ChaCha_variant>`__ and `poly1305 <https://en.wikipedia.org/wiki/Poly1305>`__ for the encryption. We chose this
+library because of its portability, license (public-domain), simplicity and reduced size (a single `.h` and
+`.c` file.).
+The key is derived from multiple sources, such as:
+ * The ``secret_key`` provided in the configuration in the ``sp.global.secret_key``
+   option. It's recommended to use something like ``head -c 256 /dev/urandom | tr -dc
+   'a-zA-Z0-9'`` as a value.
+ * An optional environment variable, such as ``REMOTE_ADDR`` (remote IP address) or the *extended master secret* from TLS connections (`RFC7627 <https://tools.ietf.org/html/rfc7627>`_) in the ``sp.global.cookie_env_var`` option.
+ * The `user-agent <https://en.wikipedia.org/wiki/User_agent>`__.
+.. warning::
+  To use this feature, you **must** set the :ref:`global.secret_key <config_global>` variable
+  and **should** set the :ref:`global.cookie_env_var <config_global>` one too.
+  This design decision prevents an attacker from
+  `trivially bruteforcing <https://www.idontplaydarts.com/2011/11/decrypting-suhosin-sessions-and-cookies/>`_
+  or re-using session cookies.
+  If the simulation mode isn’t specified in the configuration, snuffleupagus will drop any request that it was unable to decrypt.
+Since PHP doesn't handle session cookie and non-session cookie in the same way,
+so does Snuffleupagus.
+Session cookie
+..............
+For the session cookie, the encryption happens server-side: Nothing is
+encrypted in the cookie: neither the cookie's name (usually ``PHPSESSID``) nor
+its content (the session's name).  What is in fact encrypted, is the session's
+content, on the server (usually stored in ``/tmp/sess_<XXXX>`` files).
+:ref:`Session encryption <cookie-encryption-feature>`, disabled by default, will activate transparent session encryption.
+It can either be ``enabled`` or ``disabled`` and can be used in ``simulation`` mode.
+::
+  sp.session.encrypt();
+  sp.session.simulation();
+Non-session cookie
+..................
+For the non-session cookie, the cookie's name is left untouched, only its value is encrypted.
+:ref:`Cookie encryption <cookie-encryption-feature>`, disabled by default, will activate transparent encryption of specific cookies.
+It can either be ``enabled`` or ``disabled`` and can be used in ``simulation`` mode.
+::
+  sp.cookie.name("my_cookie_name").encrypt();
+  sp.cookie.name("another_cookie_name").encrypt();
+Removing the user-agent part
+............................
+Some web browser extensions, such as `uMatrix <https://github.com/gorhill/uMatrix/wiki>`__
+might be configured to change the user-agent on a regular basis. If you think that
+some of your users might be using configurations like this, you might want to disable
+the mixing of the user-agent in the cookie's encryption key. The simplest way to do
+so is to set the environment variable ``HTTP_USER_AGENT`` to a fixed value before passing
+it to your php process.
+We think that this use case is too exotic to be worth implementing as a
+proper configuration directive.
+.. _env-var-config:
+Choosing the proper environment variable
+........................................
+It's up to you to choose a meaningful environment variable to derive the key from.
+Suhosin `is using <https://www.suhosin.org/stories/configuration.html#suhosin-session-cryptraddr>`_
+the ``REMOTE_ADDR`` one, tying the validity of the cookie to the IP address of the user;
+unfortunately, nowadays, people are `roaming <https://en.wikipedia.org/wiki/Roaming>`_ a lot on their smartphone,
+hopping from WiFi to 4G.
+This is why we recommend, if possible, to use the *extended master secret*
+from TLS connections (`RFC7627 <https://tools.ietf.org/html/rfc7627>`_)
+instead. The will make the validity of the cookie TLS-dependent, by using the ``SSL_SESSION_ID`` variable.
+- In `Apache <https://httpd.apache.org/docs/current/mod/mod_ssl.html>`_,
+  it is possible to enable by adding ``SSLOptions StdEnvVars`` in your Apache2 configuration.
+- In `nginx <https://nginx.org/en/docs/http/ngx_http_ssl_module.html#variables>`_,
+  you have to use ``fastcgi_param SSL_SESSION_ID $ssl_session_id if_not_empty;``.
+If you aren't using TLS (you should be), you can always use the ``REMOTE_ADDR`` one,
+or ``X-Real-IP`` if you're behind a reverse proxy.
author	jvoisin	2019-01-09 20:55:25 +0100
committer	jvoisin	2019-01-09 20:55:25 +0100
commit	cc72d0659cd7f591cce779a4afda775bb8518242 (patch)
tree	7a2146e54153a11329df81555d48742649de3903 /doc/source/cookies.rst
parent	5e3ce30b1eadea34b6af1be46749b8f97540a9e2 (diff)

diff --git a/doc/source/cookies.rst b/doc/source/cookies.rst new file mode 100644 index 0000000..856927d --- /dev/null +++ b/doc/source/cookies.rst
@@ -0,0 +1,142 @@
	1	.. _cookie-encryption-page:
	2
	3	Cookies
	4	=======
	5
	6	Some cookies-related features might prevent other extensions from hooking
	7	the `setcookie <https://secure.php.net/manual/en/function.setcookie.php>`__
	8	function. Pay attention to the loading order of your extensions in this case.
	9
	10	auto_cookie_secure
	11	""""""""""""""""""
	12
	13	:ref:`auto_cookie_secure <auto-cookie-secure-feature>`, disabled by default,
	14	will automatically mark cookies as `secure
	15	<https://en.wikipedia.org/wiki/HTTP_cookie#Secure_cookie>`_ when the web page
	16	is requested over HTTPS.
	17
	18	It can either be ``enabled`` or ``disabled``.
	19
	20	::
	21
	22	sp.auto_cookie_secure.enable();
	23	sp.auto_cookie_secure.disable();
	24
	25	cookie_samesite
	26	"""""""""""""""
	27
	28	:ref:`samesite <samesite-feature>`, disabled by default, will add the `samesite
	29	<https://tools.ietf.org/html/draft-west-first-party-cookies-07>`_ attribute to
	30	cookies. It `prevents CSRF <https://www.owasp.org/index.php/SameSite>`_ but is
	31	not implemented by `all web browsers <https://caniuse.com/#search=samesite>`_
	32	yet.
	33
	34	It can either be set to ``strict`` or ``lax``:
	35
	36	- The ``lax`` attribute prevents cookies from being sent cross-domain for
	37	"dangerous" methods, like ``POST``, ``PUT`` or ``DELETE``.
	38
	39	- The ``strict`` one prevents any cookies from beind sent cross-domain.
	40
	41	::
	42
	43	sp.cookie.name("cookie1").samesite("lax");
	44	sp.cookie.name("cookie2").samesite("strict");;
	45
	46
	47	Cookie encryption
	48	"""""""""""""""""
	49
	50	The encryption is done via the `tweetnacl library <https://tweetnacl.cr.yp.to/>`_,
	51	thus using `curve25519 <https://en.wikipedia.org/wiki/Curve25519>`__, `xsalsa20 <https://en.wikipedia.org/wiki/Salsa20#ChaCha_variant>`__ and `poly1305 <https://en.wikipedia.org/wiki/Poly1305>`__ for the encryption. We chose this
	52	library because of its portability, license (public-domain), simplicity and reduced size (a single `.h` and
	53	`.c` file.).
	54
	55	The key is derived from multiple sources, such as:
	56	* The ``secret_key`` provided in the configuration in the ``sp.global.secret_key``
	57	option. It's recommended to use something like ``head -c 256 /dev/urandom \| tr -dc
	58	'a-zA-Z0-9'`` as a value.
	59	* An optional environment variable, such as ``REMOTE_ADDR`` (remote IP address) or the extended master secret from TLS connections (`RFC7627 <https://tools.ietf.org/html/rfc7627>`_) in the ``sp.global.cookie_env_var`` option.
	60	* The `user-agent <https://en.wikipedia.org/wiki/User_agent>`__.
	61
	62
	63	.. warning::
	64
	65	To use this feature, you must set the :ref:`global.secret_key <config_global>` variable
	66	and should set the :ref:`global.cookie_env_var <config_global>` one too.
	67	This design decision prevents an attacker from
	68	`trivially bruteforcing <https://www.idontplaydarts.com/2011/11/decrypting-suhosin-sessions-and-cookies/>`_
	69	or re-using session cookies.
	70	If the simulation mode isn’t specified in the configuration, snuffleupagus will drop any request that it was unable to decrypt.
	71
	72	Since PHP doesn't handle session cookie and non-session cookie in the same way,
	73	so does Snuffleupagus.
	74
	75
	76	Session cookie
	77	..............
	78
	79	For the session cookie, the encryption happens server-side: Nothing is
	80	encrypted in the cookie: neither the cookie's name (usually ``PHPSESSID``) nor
	81	its content (the session's name). What is in fact encrypted, is the session's
	82	content, on the server (usually stored in ``/tmp/sess_<XXXX>`` files).
	83
	84	:ref:`Session encryption <cookie-encryption-feature>`, disabled by default, will activate transparent session encryption.
	85	It can either be ``enabled`` or ``disabled`` and can be used in ``simulation`` mode.
	86
	87	::
	88
	89	sp.session.encrypt();
	90	sp.session.simulation();
	91
	92
	93	Non-session cookie
	94	..................
	95
	96	For the non-session cookie, the cookie's name is left untouched, only its value is encrypted.
	97
	98	:ref:`Cookie encryption <cookie-encryption-feature>`, disabled by default, will activate transparent encryption of specific cookies.
	99
	100	It can either be ``enabled`` or ``disabled`` and can be used in ``simulation`` mode.
	101
	102	::
	103
	104	sp.cookie.name("my_cookie_name").encrypt();
	105	sp.cookie.name("another_cookie_name").encrypt();
	106
	107
	108	Removing the user-agent part
	109	............................
	110
	111	Some web browser extensions, such as `uMatrix <https://github.com/gorhill/uMatrix/wiki>`__
	112	might be configured to change the user-agent on a regular basis. If you think that
	113	some of your users might be using configurations like this, you might want to disable
	114	the mixing of the user-agent in the cookie's encryption key. The simplest way to do
	115	so is to set the environment variable ``HTTP_USER_AGENT`` to a fixed value before passing
	116	it to your php process.
	117
	118	We think that this use case is too exotic to be worth implementing as a
	119	proper configuration directive.
	120
	121	.. _env-var-config:
	122
	123	Choosing the proper environment variable
	124	........................................
	125
	126	It's up to you to choose a meaningful environment variable to derive the key from.
	127	Suhosin `is using <https://www.suhosin.org/stories/configuration.html#suhosin-session-cryptraddr>`_
	128	the ``REMOTE_ADDR`` one, tying the validity of the cookie to the IP address of the user;
	129	unfortunately, nowadays, people are `roaming <https://en.wikipedia.org/wiki/Roaming>`_ a lot on their smartphone,
	130	hopping from WiFi to 4G.
	131
	132	This is why we recommend, if possible, to use the extended master secret
	133	from TLS connections (`RFC7627 <https://tools.ietf.org/html/rfc7627>`_)
	134	instead. The will make the validity of the cookie TLS-dependent, by using the ``SSL_SESSION_ID`` variable.
	135
	136	- In `Apache <https://httpd.apache.org/docs/current/mod/mod_ssl.html>`_,
	137	it is possible to enable by adding ``SSLOptions StdEnvVars`` in your Apache2 configuration.
	138	- In `nginx <https://nginx.org/en/docs/http/ngx_http_ssl_module.html#variables>`_,
	139	you have to use ``fastcgi_param SSL_SESSION_ID $ssl_session_id if_not_empty;``.
	140
	141	If you aren't using TLS (you should be), you can always use the ``REMOTE_ADDR`` one,
	142	or ``X-Real-IP`` if you're behind a reverse proxy.