diff options
| author | jvoisin | 2025-10-01 13:44:06 +0200 |
|---|---|---|
| committer | Julien Voisin | 2025-10-01 13:59:45 +0200 |
| commit | 9509733befcb4010bc77b06fcf41e77078976e80 (patch) | |
| tree | dab8940dd797363b6f7105a1358ca23995ce82ef /src | |
| parent | 5ddd783a19dfc1428cfd02cabc55177b3a488a28 (diff) | |
Fix a cookie-related warning for PHP8.5.0
```
========DIFF========
001- OK
001+ Fatal error: Uncaught ValueError: setcookie(): "partitioned" option cannot be used without "secure" option in /builddir/build/BUILD/snuffleupagus-1c7598c432551d0c49c2c57f249ccd5ccabce638/src/tests/samesite_cookies.php:2
002+ Stack trace:
003+ #0 /builddir/build/BUILD/snuffleupagus-1c7598c432551d0c49c2c57f249ccd5ccabce638/src/tests/samesite_cookies.php(2): setcookie('super_cookie', 'super_value')
004+ #1 {main}
005+ thrown in /builddir/build/BUILD/snuffleupagus-1c7598c432551d0c49c2c57f249ccd5ccabce638/src/tests/samesite_cookies.php on line 2
========DONE========
FAIL Cookie samesite [tests/samesite_cookies.phpt]
```
Even though the warning might be spurious, let's fix this properly, by
initialising `partitioned` to false, and by setting it only if `secure` is set
as well.
Diffstat (limited to 'src')
| -rw-r--r-- | src/sp_cookie_encryption.c | 15 |
1 files changed, 9 insertions, 6 deletions
diff --git a/src/sp_cookie_encryption.c b/src/sp_cookie_encryption.c index ec5c7c2..888d217 100644 --- a/src/sp_cookie_encryption.c +++ b/src/sp_cookie_encryption.c | |||
| @@ -104,7 +104,7 @@ static void php_head_parse_cookie_options_array( | |||
| 104 | 104 | ||
| 105 | PHP_FUNCTION(sp_setcookie) { | 105 | PHP_FUNCTION(sp_setcookie) { |
| 106 | #if PHP_VERSION_ID >= 80500 | 106 | #if PHP_VERSION_ID >= 80500 |
| 107 | zend_bool partitioned; | 107 | zend_bool partitioned = false; |
| 108 | #endif | 108 | #endif |
| 109 | zend_string *name = NULL, *value = NULL, *path = NULL, *domain = NULL, | 109 | zend_string *name = NULL, *value = NULL, *path = NULL, *domain = NULL, |
| 110 | *value_enc = NULL, | 110 | *value_enc = NULL, |
| @@ -144,12 +144,11 @@ PHP_FUNCTION(sp_setcookie) { | |||
| 144 | RETURN_FALSE; | 144 | RETURN_FALSE; |
| 145 | } | 145 | } |
| 146 | php_head_parse_cookie_options_array(expires_or_options, &expires, &path, | 146 | php_head_parse_cookie_options_array(expires_or_options, &expires, &path, |
| 147 | &domain, &secure, &httponly, | 147 | &domain, &secure, &httponly, &samesite |
| 148 | #if PHP_VERSION_ID < 80500 | 148 | #if PHP_VERSION_ID >= 80500 |
| 149 | &samesite); | 149 | , &partitioned |
| 150 | #else | ||
| 151 | &samesite, &partitioned); | ||
| 152 | #endif | 150 | #endif |
| 151 | ); | ||
| 153 | } else { | 152 | } else { |
| 154 | expires = zval_get_long(expires_or_options); | 153 | expires = zval_get_long(expires_or_options); |
| 155 | } | 154 | } |
| @@ -214,6 +213,10 @@ PHP_FUNCTION(sp_setcookie) { | |||
| 214 | if (php_setcookie(name, (value_enc ? value_enc : value), expires, path, | 213 | if (php_setcookie(name, (value_enc ? value_enc : value), expires, path, |
| 215 | domain, secure, httponly, samesite, 1) == SUCCESS) { | 214 | domain, secure, httponly, samesite, 1) == SUCCESS) { |
| 216 | #else | 215 | #else |
| 216 | if (!secure) { | ||
| 217 | // Can't have partitioned cookies without the secure flag. | ||
| 218 | partitioned = false; | ||
| 219 | } | ||
| 217 | if (php_setcookie(name, (value_enc ? value_enc : value), expires, path, | 220 | if (php_setcookie(name, (value_enc ? value_enc : value), expires, path, |
| 218 | domain, secure, httponly, samesite, partitioned, false) == SUCCESS) { | 221 | domain, secure, httponly, samesite, partitioned, false) == SUCCESS) { |
| 219 | #endif | 222 | #endif |