CodeExplorer
You are a developer and looking for Shopware projects?
Apply Now!
getSameSite example
$str .= '; domain='.$this->getDomain();
}
if (true === $this->isSecure()) {
$str .= '; secure';
}
if (true === $this->isHttpOnly()) {
$str .= '; httponly';
}
if (null !== $this->getSameSite()) {
$str .= '; samesite='.$this->getSameSite();
}
return $str;
}
/** * Gets the name of the cookie. */
public function getName(): string
{
}
if (true === $this->isSecure()) {
$str .= '; secure';
}
if (true === $this->isHttpOnly()) {
$str .= '; httponly';
}
if (null !== $this->getSameSite()) {
$str .= '; samesite='.$this->getSameSite();
}
return $str;
}
/** * Gets the name of the cookie. */
public function getName(): string
{
$this->assertEquals('test', $cookies[1]->getName());
$this->assertNull($cookies[1]->getValue());
$this->assertEquals('ABC', $cookies[2]->getName());
$this->assertEquals('AeD', $cookies[2]->getValue());
$this->assertEquals(strtotime('Wed, 13 Jan 2021 22:23:01 GMT'), $cookies[2]->getExpiresTime());
$this->assertEquals('dunglas.fr', $cookies[2]->getDomain());
$this->assertEquals('/kevin', $cookies[2]->getPath());
$this->assertTrue($cookies[2]->isSecure());
$this->assertTrue($cookies[2]->isHttpOnly());
if (\defined('Symfony\Component\HttpFoundation\Cookie::SAMESITE_STRICT')) {
$this->assertEquals(Cookie::SAMESITE_STRICT, $cookies[2]->getSameSite());
}
$this->assertEquals('The response body', $symfonyResponse->getContent());
$this->assertEquals(200, $symfonyResponse->getStatusCode());
$symfonyResponse = $this->factory->createResponse($response, true);
ob_start();
$symfonyResponse->sendContent();
$sentContent = ob_get_clean();
$this->assertNull($cookies[1]->getValue());
$this->assertEquals('ABC', $cookies[2]->getName());
$this->assertEquals('AeD', $cookies[2]->getValue());
$this->assertEquals(strtotime('Wed, 13 Jan 2021 22:23:01 GMT'), $cookies[2]->getExpiresTime());
$this->assertEquals('dunglas.fr', $cookies[2]->getDomain());
$this->assertEquals('/kevin', $cookies[2]->getPath());
$this->assertTrue($cookies[2]->isSecure());
$this->assertTrue($cookies[2]->isHttpOnly());
if (\defined('Symfony\Component\HttpFoundation\Cookie::SAMESITE_STRICT')) {
$this->assertEquals(Cookie::SAMESITE_STRICT, $cookies[2]->getSameSite());
}
$this->assertEquals('The response body', $symfonyResponse->getContent());
$this->assertEquals(200, $symfonyResponse->getStatusCode());
$symfonyResponse = $this->factory->createResponse($response, true);
ob_start();
$symfonyResponse->sendContent();
$sentContent = ob_get_clean();
$this->assertCount(0, $cookies);
$listener->onLogout($event);
$cookies = $response->headers->getCookies(ResponseHeaderBag::COOKIES_ARRAY);
$this->assertCount(2, $cookies);
$cookie = $cookies['foo.foo']['/foo']['foo'];
$this->assertEquals('foo', $cookie->getName());
$this->assertEquals('/foo', $cookie->getPath());
$this->assertEquals('foo.foo', $cookie->getDomain());
$this->assertEquals(Cookie::SAMESITE_STRICT, $cookie->getSameSite());
$this->assertTrue($cookie->isSecure());
$this->assertTrue($cookie->isCleared());
$cookie = $cookies['']['/']['foo2'];
$this->assertStringStartsWith('foo2', $cookie->getName());
$this->assertEquals('/', $cookie->getPath());
$this->assertNull($cookie->getDomain());
$this->assertNull($cookie->getSameSite());
$this->assertFalse($cookie->isSecure());
$this->assertTrue($cookie->isCleared());
}
}
$listener->onLogout($event);
$cookies = $response->headers->getCookies(ResponseHeaderBag::COOKIES_ARRAY);
$this->assertCount(2, $cookies);
$cookie = $cookies['foo.foo']['/foo']['foo'];
$this->assertEquals('foo', $cookie->getName());
$this->assertEquals('/foo', $cookie->getPath());
$this->assertEquals('foo.foo', $cookie->getDomain());
$this->assertEquals(Cookie::SAMESITE_STRICT, $cookie->getSameSite());
$this->assertTrue($cookie->isSecure());
$this->assertTrue($cookie->isCleared());
$cookie = $cookies['']['/']['foo2'];
$this->assertStringStartsWith('foo2', $cookie->getName());
$this->assertEquals('/', $cookie->getPath());
$this->assertNull($cookie->getDomain());
$this->assertNull($cookie->getSameSite());
$this->assertFalse($cookie->isSecure());
$this->assertTrue($cookie->isCleared());
}
}
/** * Configuration. * * Handle input binds and configuration defaults. */
protected function configure()
{
ini_set('session.name', $this->config->cookieName);
$sameSite = $this->cookie->getSameSite() ?: ucfirst(Cookie::SAMESITE_LAX);
$params = [
'lifetime' => $this->config->expiration,
'path' => $this->cookie->getPath(),
'domain' => $this->cookie->getDomain(),
'secure' => $this->cookie->isSecure(),
'httponly' => true, // HTTP only; Yes, this is intentional and not configurable for security reasons. 'samesite' => $sameSite,
];
ini_set('session.cookie_samesite', $sameSite);
$cookieHeader[] = 'Domain=' . $this->getDomain();
}
if ($this->isSecure()) {
$cookieHeader[] = 'Secure';
}
if ($this->isHTTPOnly()) {
$cookieHeader[] = 'HttpOnly';
}
$samesite = $this->getSameSite();
if ($samesite === '') {
// modern browsers warn in console logs that an empty SameSite attribute // will be given the `Lax` value $samesite = self::SAMESITE_LAX;
}
$cookieHeader[] = 'SameSite=' . ucfirst(strtolower($samesite));
return implode('; ', $cookieHeader);
}
}
if ($this->isSecure()) {
$cookieHeader[] = 'Secure';
}
if ($this->isHTTPOnly()) {
$cookieHeader[] = 'HttpOnly';
}
$samesite = $this->getSameSite();
if ($samesite === '') {
// modern browsers warn in console logs that an empty SameSite attribute // will be given the `Lax` value $samesite = self::SAMESITE_LAX;
}
$cookieHeader[] = 'SameSite=' . ucfirst(strtolower($samesite));
return implode('; ', $cookieHeader);
}
$response = $this->createResponse();
$response->setStatusCode(302);
$response->headers->set('Location', '/somewhere-else');
$c->collect($request = $this->createRequest(), $response);
$c->lateCollect();
$cookie = $this->getCookieByName($response, 'sf_redirect');
$this->assertNotEmpty($cookie->getValue());
$this->assertSame('lax', $cookie->getSameSite());
$this->assertFalse($cookie->isSecure());
}
public function testItCollectsTheRedirectionAndClearTheCookie()
{
$c = new RequestDataCollector();
$request = $this->createRequest();
$request->attributes->set('_redirected', true);
$request->cookies->add([
'sf_redirect' => '{"method": "POST"}',
]);
$response->setStatusCode(302);
$response->headers->set('Location', '/somewhere-else');
$c->collect($request = $this->createRequest(), $response);
$c->lateCollect();
$cookie = $this->getCookieByName($response, 'sf_redirect');
$this->assertNotEmpty($cookie->getValue());
$this->assertSame('lax', $cookie->getSameSite());
$this->assertFalse($cookie->isSecure());
}
public function testItCollectsTheRedirectionAndClearTheCookie()
{
$c = new RequestDataCollector();
$request = $this->createRequest();
$request->attributes->set('_redirected', true);
$request->cookies->add([
'sf_redirect' => '{"method": "POST"}',
]);
$client = $this->createClient(['test_case' => 'RememberMe', 'root_config' => 'stateless_config.yml']);
$client->request('POST', '/login', [
'_username' => 'johannes',
'_password' => 'test',
]);
$cookieJar = $client->getCookieJar();
$cookieJar->expire(session_name());
$this->assertNotNull($cookieJar->get('REMEMBERME'));
$this->assertSame('lax', $cookieJar->get('REMEMBERME')->getSameSite());
$client->request('GET', '/logout');
$this->assertSame(302, $client->getResponse()->getStatusCode(), 'Logout unsuccessful.');
$this->assertNull($cookieJar->get('REMEMBERME'));
}
public static function provideConfigs()
{
yield [['root_config' => 'config_session.yml']];
yield [['root_config' => 'config_persistent.yml']];
}
}
$client->request('POST', '/login', [
'_username' => 'johannes',
'_password' => 'test',
]);
$cookieJar = $client->getCookieJar();
$cookieJar->expire(session_name());
$this->assertNotNull($cookieJar->get('REMEMBERME'));
$this->assertSame('lax', $cookieJar->get('REMEMBERME')->getSameSite());
$client->request('GET', '/logout');
$this->assertSame(302, $client->getResponse()->getStatusCode(), 'Logout unsuccessful.');
$this->assertNull($cookieJar->get('REMEMBERME'));
}
public static function provideConfigs()
{
yield [['root_config' => 'config_session.yml']];
yield [['root_config' => 'config_persistent.yml']];
}
}
$cookie = Cookie::fromString('foo=bar; expires=Fri, 20 May 2011 15:25:52 GMT; path=/; domain=.myfoodomain.com; secure; httponly');
$this->assertTrue($cookie->isHttpOnly());
$cookie = Cookie::fromString('foo=bar; expires=Fri, 20 May 2011 15:25:52 GMT; path=/; domain=.myfoodomain.com; secure');
$this->assertFalse($cookie->isHttpOnly());
}
public function testSameSiteAttribute()
{
$cookie = new Cookie('foo', 'bar', 0, '/', null, false, true, false, 'Lax');
$this->assertEquals('lax', $cookie->getSameSite());
$cookie = new Cookie('foo', 'bar', 0, '/', null, false, true, false, '');
$this->assertNull($cookie->getSameSite());
$cookie = Cookie::create('foo')->withSameSite('Lax');
$this->assertEquals('lax', $cookie->getSameSite());
}
public function testSetSecureDefault()
{
$cookie = Cookie::create('foo', 'bar');
$str .= '; domain='.$this->getDomain();
}
if (true === $this->isSecure()) {
$str .= '; secure';
}
if (true === $this->isHttpOnly()) {
$str .= '; httponly';
}
if (null !== $this->getSameSite()) {
$str .= '; samesite='.$this->getSameSite();
}
return $str;
}
/** * Gets the name of the cookie. */
public function getName(): string
{
}
if (true === $this->isSecure()) {
$str .= '; secure';
}
if (true === $this->isHttpOnly()) {
$str .= '; httponly';
}
if (null !== $this->getSameSite()) {
$str .= '; samesite='.$this->getSameSite();
}
return $str;
}
/** * Gets the name of the cookie. */
public function getName(): string
{
public function testConstructException()
{
$this->expectException(UnexpectedValueException::class);
$this->expectExceptionMessage('The cookie expiration time "string" is not valid.');
new Cookie('foo', 'bar', 'string');
}
public function testSameSite()
{
$cookie = new Cookie('foo', 'bar');
$this->assertNull($cookie->getSameSite());
$cookie = new Cookie('foo', 'bar', 0, '/', 'foo.com', false, true, false, 'lax');
$this->assertSame('lax', $cookie->getSameSite());
}
}
{
$this->expectException(UnexpectedValueException::class);
$this->expectExceptionMessage('The cookie expiration time "string" is not valid.');
new Cookie('foo', 'bar', 'string');
}
public function testSameSite()
{
$cookie = new Cookie('foo', 'bar');
$this->assertNull($cookie->getSameSite());
$cookie = new Cookie('foo', 'bar', 0, '/', 'foo.com', false, true, false, 'lax');
$this->assertSame('lax', $cookie->getSameSite());
}
}
$cookies = $response->headers->getCookies();
if ($sessionOptions['use_cookies'] ?? true) {
$this->assertCount(1, $cookies);
$this->assertSame('PHPSESSID', $cookies[0]->getName());
$this->assertSame('123456', $cookies[0]->getValue());
$this->assertSame($expectedSessionOptions['cookie_path'], $cookies[0]->getPath());
$this->assertSame($expectedSessionOptions['cookie_domain'], $cookies[0]->getDomain());
$this->assertSame($expectedSessionOptions['cookie_secure'], $cookies[0]->isSecure());
$this->assertSame($expectedSessionOptions['cookie_httponly'], $cookies[0]->isHttpOnly());
$this->assertSame($expectedSessionOptions['cookie_samesite'], $cookies[0]->getSameSite());
} else {
$this->assertCount(0, $cookies);
}
}
public static function provideSessionOptions(): \Generator
{
yield 'set_samesite_by_php' => [
'phpSessionOptions' => ['samesite' => Cookie::SAMESITE_STRICT],
'sessionOptions' => ['cookie_path' => '/test/', 'cookie_domain' => '', 'cookie_secure' => true, 'cookie_httponly' => true],
'expectedSessionOptions' => ['cookie_path' => '/test/', 'cookie_domain' => '', 'cookie_secure' => true, 'cookie_httponly' => true, 'cookie_samesite' => Cookie::SAMESITE_STRICT],
];
if ($sessionOptions['use_cookies'] ?? true) {
$this->assertCount(1, $cookies);
$this->assertSame('PHPSESSID', $cookies[0]->getName());
$this->assertSame('123456', $cookies[0]->getValue());
$this->assertSame($expectedSessionOptions['cookie_path'], $cookies[0]->getPath());
$this->assertSame($expectedSessionOptions['cookie_domain'], $cookies[0]->getDomain());
$this->assertSame($expectedSessionOptions['cookie_secure'], $cookies[0]->isSecure());
$this->assertSame($expectedSessionOptions['cookie_httponly'], $cookies[0]->isHttpOnly());
$this->assertSame($expectedSessionOptions['cookie_samesite'], $cookies[0]->getSameSite());
} else {
$this->assertCount(0, $cookies);
}
}
public static function provideSessionOptions(): \Generator
{
yield 'set_samesite_by_php' => [
'phpSessionOptions' => ['samesite' => Cookie::SAMESITE_STRICT],
'sessionOptions' => ['cookie_path' => '/test/', 'cookie_domain' => '', 'cookie_secure' => true, 'cookie_httponly' => true],
'expectedSessionOptions' => ['cookie_path' => '/test/', 'cookie_domain' => '', 'cookie_secure' => true, 'cookie_httponly' => true, 'cookie_samesite' => Cookie::SAMESITE_STRICT],
];