Skip to content

Navigation Menu

Sign in
Appearance settings

Search code, repositories, users, issues, pull requests...

Provide feedback

We read every piece of feedback, and take your input very seriously.

Saved searches

Use saved searches to filter your results more quickly
Appearance settings

Commit 4bdea1f

Browse filesBrowse files
Guillaume Pédelagrabenicolas-grekas
Guillaume Pédelagrabe
authored and
nicolas-grekas
committed
[Http Foundation] Fix clear cookie samesite
1 parent e3cc3bd commit 4bdea1f
Copy full SHA for 4bdea1f

File tree

Expand file treeCollapse file tree

2 files changed

+13
-2
lines changed
Filter options
Expand file treeCollapse file tree

2 files changed

+13
-2
lines changed

‎src/Symfony/Component/HttpFoundation/ResponseHeaderBag.php

Copy file name to clipboardExpand all lines: src/Symfony/Component/HttpFoundation/ResponseHeaderBag.php
+5-2Lines changed: 5 additions & 2 deletions
Original file line numberDiff line numberDiff line change
@@ -244,10 +244,13 @@ public function getCookies($format = self::COOKIES_FLAT)
244244
* @param string $domain
245245
* @param bool $secure
246246
* @param bool $httpOnly
247+
* @param string $sameSite
247248
*/
248-
public function clearCookie($name, $path = '/', $domain = null, $secure = false, $httpOnly = true)
249+
public function clearCookie($name, $path = '/', $domain = null, $secure = false, $httpOnly = true/*, $sameSite = null*/)
249250
{
250-
$this->setCookie(new Cookie($name, null, 1, $path, $domain, $secure, $httpOnly));
251+
$sameSite = \func_num_args() > 5 ? func_get_arg(5) : null;
252+
253+
$this->setCookie(new Cookie($name, null, 1, $path, $domain, $secure, $httpOnly, false, $sameSite));
251254
}
252255

253256
/**

‎src/Symfony/Component/HttpFoundation/Tests/ResponseHeaderBagTest.php

Copy file name to clipboardExpand all lines: src/Symfony/Component/HttpFoundation/Tests/ResponseHeaderBagTest.php
+8Lines changed: 8 additions & 0 deletions
Original file line numberDiff line numberDiff line change
@@ -128,6 +128,14 @@ public function testClearCookieSecureNotHttpOnly()
128128
$this->assertSetCookieHeader('foo=deleted; expires='.gmdate('D, d-M-Y H:i:s T', time() - 31536001).'; Max-Age=0; path=/; secure', $bag);
129129
}
130130

131+
public function testClearCookieSamesite()
132+
{
133+
$bag = new ResponseHeaderBag([]);
134+
135+
$bag->clearCookie('foo', '/', null, true, false, 'none');
136+
$this->assertSetCookieHeader('foo=deleted; expires='.gmdate('D, d-M-Y H:i:s T', time() - 31536001).'; Max-Age=0; path=/; secure; samesite=none', $bag);
137+
}
138+
131139
public function testReplace()
132140
{
133141
$bag = new ResponseHeaderBag([]);

0 commit comments

Comments
0 (0)
Morty Proxy This is a proxified and sanitized view of the page, visit original site.