github/torrentpier
1
0
Fork 0
mirror of https://github.com/torrentpier/torrentpier synced 2025-08-21 13:54:02 -07:00
Code Issues Projects Releases Packages Wiki Activity Actions 3

Added 'samesite' option for setcookie() (#720)

Browse source
This commit is contained in:
Roman Kelesidis 2023-05-24 23:25:06 +07:00 committed by GitHub
commit 5ae2d9ee89
No known key found for this signature in database
GPG key ID: 4AEE18F83AFDEB23
2 changed files with 5 additions and 0 deletions
Download patch file Download diff file Expand all files Collapse all files

1
library/config.php
View file

@ -355,6 +355,7 @@ $bb_cfg['show_sidebar2_on_every_page'] = false;
$bb_cfg['cookie_domain'] = in_array($domain_name, [getenv('SERVER_ADDR'), 'localhost'], true) ? '' : ".$domain_name";
$bb_cfg['cookie_secure'] = $domain_ssl ? true : \TorrentPier\Helpers\IsHelper::isHTTPS();
$bb_cfg['cookie_prefix'] = 'bb_'; // 'bb_'
$bb_cfg['cookie_same_site'] = 'Lax'; // Lax, None, Strict | https://developer.mozilla.org/en-US/docs/Web/HTTP/Headers/Set-Cookie/SameSite
// Sessions
$bb_cfg['session_update_intrv'] = 180; // sec

4
library/includes/init_bb.php
View file

@ -74,6 +74,8 @@ define('COOKIE_PERSIST', TIMENOW + 31536000);
define('COOKIE_MAX_TRACKS', 90);
/**
* Set cookie
*
* @param $name
* @param $val
* @param int $lifetime
@ -83,12 +85,14 @@ define('COOKIE_MAX_TRACKS', 90);
function bb_setcookie($name, $val, int $lifetime = COOKIE_PERSIST, bool $httponly = false)
{
global $bb_cfg;
return setcookie($name, $val, [
'expires' => $lifetime,
'path' => $bb_cfg['script_path'],
'domain' => $bb_cfg['cookie_domain'],
'secure' => $bb_cfg['cookie_secure'],
'httponly' => $httponly,
'samesite' => $bb_cfg['cookie_same_site'],
]);
}