php/yii2
1
0
Fork 0
mirror of https://github.com/yiisoft/yii2.git synced 2025-11-04 06:37:55 +08:00
Code Issues Packages Projects Releases Wiki Activity

Fix #17843: Fix yii\web\Session::setCookieParamsInternal check param "samesite"

Browse Source
This commit is contained in:
schevgeny
2020-02-03 13:52:46 +03:00
committed by GitHub
parent 82b7ecbdf3
commit 15d425a3e3
2 changed files with 3 additions and 2 deletions
Download Patch File Download Diff File Expand all files Collapse all files

1
framework/CHANGELOG.md
View File

@ -4,6 +4,7 @@ Yii Framework 2 Change Log
2.0.33 under development 2.0.33 under development
------------------------ ------------------------
- Bug #17843: Fix `yii\web\Session::setCookieParamsInternal` check param "samesite" (schevgeny)
- Bug #17828: Fix `yii\web\UploadedFile::saveAs()` failing when error value in `$_FILES` entry is a string (haveyaseen) - Bug #17828: Fix `yii\web\UploadedFile::saveAs()` failing when error value in `$_FILES` entry is a string (haveyaseen)
- Bug #17829: `yii\helpers\ArrayHelper::filter` now correctly filters data when passing a filter with more than 2 levels (rhertogh) - Bug #17829: `yii\helpers\ArrayHelper::filter` now correctly filters data when passing a filter with more than 2 levels (rhertogh)

4
framework/web/Session.php
View File

@ -398,8 +398,8 @@ class Session extends Component implements \IteratorAggregate, \ArrayAccess, \Co
if (PHP_VERSION_ID >= 70300) { if (PHP_VERSION_ID >= 70300) {
session_set_cookie_params($data); session_set_cookie_params($data);
} else { } else {
if (!empty($data['sameSite'])) { if (!empty($data['samesite'])) {
throw new InvalidConfigException('sameSite cookie is not supported by PHP versions < 7.3.0 (set it to null in this environment)'); throw new InvalidConfigException('samesite cookie is not supported by PHP versions < 7.3.0 (set it to null in this environment)');
} }
session_set_cookie_params($data['lifetime'], $data['path'], $data['domain'], $data['secure'], $data['httponly']); session_set_cookie_params($data['lifetime'], $data['path'], $data['domain'], $data['secure'], $data['httponly']);
} }