diff options
| author | Remi Collet | 2018-07-10 12:01:12 +0200 |
|---|---|---|
| committer | xXx-caillou-xXx | 2018-07-10 12:01:12 +0200 |
| commit | 12b740bc7bb01ffe397cecc5b6fa25b136304911 (patch) | |
| tree | 5d2d4905c3c5aaf557283e6d2df95a94af56f055 /src/sp_cookie_encryption.c | |
| parent | 5da3a92492bf169e62367d954cfa7432bee51fed (diff) | |
Fix #183 (#185)
* relax test to pass with 7.3
* skip test with 7.3 as samesite is broken + add TODO
Diffstat (limited to 'src/sp_cookie_encryption.c')
| -rw-r--r-- | src/sp_cookie_encryption.c | 5 |
1 files changed, 3 insertions, 2 deletions
diff --git a/src/sp_cookie_encryption.c b/src/sp_cookie_encryption.c index 72223ad..6cb1ff7 100644 --- a/src/sp_cookie_encryption.c +++ b/src/sp_cookie_encryption.c | |||
| @@ -108,8 +108,9 @@ PHP_FUNCTION(sp_setcookie) { | |||
| 108 | ZVAL_LONG(¶ms[6], httponly); | 108 | ZVAL_LONG(¶ms[6], httponly); |
| 109 | } | 109 | } |
| 110 | 110 | ||
| 111 | /* param[3](path) is concatenated to path= and is not filtered, we can inject | 111 | /* param[3](path) is concatenated to path= and is not filtered in PHP < 7.3 |
| 112 | the samesite parameter here */ | 112 | we can inject the samesite parameter here |
| 113 | TODO find another solution with 7.3 */ | ||
| 113 | if (cookie_node && cookie_node->samesite) { | 114 | if (cookie_node && cookie_node->samesite) { |
| 114 | if (!path) { | 115 | if (!path) { |
| 115 | path = zend_string_init("", 0, 0); | 116 | path = zend_string_init("", 0, 0); |