Skip to content

Commit 54c9f45

Browse files
paulbalandanpaulbalandan
committed
Fix default values for cookie flag attributes
1 parent 6bacf2c commit 54c9f45

2 files changed

Lines changed: 14 additions & 10 deletions

File tree

system/Cookie/Cookie.php

Lines changed: 12 additions & 8 deletions
Original file line numberDiff line numberDiff line change
@@ -220,15 +220,19 @@ final public function __construct(string $name, string $value = '', array $optio
220220
unset($options['max-age']);
221221
}
222222

223-
// to retain backward compatibility with previous versions' fallback
224-
$prefix = $options['prefix'] ?: self::$defaults['prefix'];
225-
$path = $options['path'] ?: self::$defaults['path'];
226-
$domain = $options['domain'] ?: self::$defaults['domain'];
227-
$secure = $options['secure'] ?: self::$defaults['secure'];
228-
$httponly = $options['httponly'] ?: self::$defaults['httponly'];
223+
// to preserve backward compatibility with array-based cookies in previous CI versions
224+
$prefix = $options['prefix'] ?: self::$defaults['prefix'];
225+
$path = $options['path'] ?: self::$defaults['path'];
226+
$domain = $options['domain'] ?: self::$defaults['domain'];
227+
228+
// empty string SameSite should use the default for browsers
229229
$samesite = $options['samesite'] ?: self::$defaults['samesite'];
230230

231-
$this->validateName($name, $options['raw']);
231+
$raw = $options['raw'];
232+
$secure = $options['secure'];
233+
$httponly = $options['httponly'];
234+
235+
$this->validateName($name, $raw);
232236
$this->validatePrefix($prefix, $secure, $path, $domain);
233237
$this->validateSameSite($samesite, $secure);
234238

@@ -241,7 +245,7 @@ final public function __construct(string $name, string $value = '', array $optio
241245
$this->secure = $secure;
242246
$this->httponly = $httponly;
243247
$this->samesite = ucfirst(strtolower($samesite));
244-
$this->raw = $options['raw'];
248+
$this->raw = $raw;
245249
}
246250

247251
//=========================================================================

tests/system/HTTP/ResponseCookieTest.php

Lines changed: 2 additions & 2 deletions
Original file line numberDiff line numberDiff line change
@@ -117,9 +117,9 @@ public function testCookieHTTPOnly()
117117

118118
$response->setCookie('foo', 'bar');
119119
$cookie = $response->getCookie('foo');
120-
$this->assertTrue($cookie->isHTTPOnly());
120+
$this->assertFalse($cookie->isHTTPOnly());
121121

122-
$response->setCookie(['name' => 'bee', 'value' => 'bop', 'httponly' => false]);
122+
$response->setCookie(['name' => 'bee', 'value' => 'bop', 'httponly' => true]);
123123
$cookie = $response->getCookie('bee');
124124
$this->assertTrue($cookie->isHTTPOnly());
125125
}

0 commit comments

Comments
 (0)