Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Issue 35 partitioned cookie #37

Open
wants to merge 3 commits into
base: master
Choose a base branch
from
Open

Issue 35 partitioned cookie #37

Show file tree
Hide file tree
Changes from all commits
Commits
Show all changes
3 commits
Select commit Hold shift + click to select a range
dc929ad
Issue #35 Add 'Partitioned' value for PHP Cookies
phpguru Aug 7, 2024
54f7d47
Issue #35 Added test for Partitioned cookies. I found the tests not w…
phpguru Aug 7, 2024
6a89ae8
Issue #35 Reference the self const instead of duplicating the string
phpguru Aug 7, 2024
File filter

Filter by extension

Filter by extension
Conversations
Failed to load comments.
Loading
Jump to
Jump to file
Failed to load files.
Loading
Diff view
Diff view
30 changes: 29 additions & 1 deletion src/Cookie.php
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -31,6 +31,7 @@ final class Cookie {
const SAME_SITE_RESTRICTION_NONE = 'None';
const SAME_SITE_RESTRICTION_LAX = 'Lax';
const SAME_SITE_RESTRICTION_STRICT = 'Strict';
const PARTITIONED = 'Partitioned';

/** @var string the name of the cookie which is also the key for future accesses via `$_COOKIE[...]` */
private $name;
Expand All @@ -48,6 +49,8 @@ final class Cookie {
private $secureOnly;
/** @var string|null indicates that the cookie should not be sent along with cross-site requests (either `null`, `None`, `Lax` or `Strict`) */
private $sameSiteRestriction;
/** @var string|null indicates that the cookie should be partitioned to comply with CHIPS see https://developer.mozilla.org/en-US/docs/Web/Privacy/Privacy_sandbox/Partitioned_cookies */
private $partitioned;

/**
* Prepares a new cookie
Expand All @@ -63,6 +66,7 @@ public function __construct($name) {
$this->httpOnly = true;
$this->secureOnly = false;
$this->sameSiteRestriction = self::SAME_SITE_RESTRICTION_LAX;
$this->partitioned = false;
}

/**
Expand Down Expand Up @@ -242,6 +246,22 @@ public function setSameSiteRestriction($sameSiteRestriction) {
return $this;
}

/**
* Anything truthy passed in will set 'Partitioned' on the cookie
* @param false|string|null $partitioned
*/
public function setPartitioned($partitioned)
{
if ($partitioned) {
$partitioned = self::PARTITIONED;
}
else {
$partitioned = null;
}
$this->partitioned = $partitioned;
}


/**
* Saves the cookie
*
Expand Down Expand Up @@ -326,9 +346,10 @@ public static function setcookie($name, $value = null, $expiryTime = 0, $path =
* @param bool $secureOnly indicates that the cookie should be sent back by the client over secure HTTPS connections only
* @param bool $httpOnly indicates that the cookie should be accessible through the HTTP protocol only and not through scripting languages
* @param string|null $sameSiteRestriction indicates that the cookie should not be sent along with cross-site requests (either `null`, `None`, `Lax` or `Strict`)
* @param string|null $partitioned indicates that the cookie should be partitioned for CHIPS compatibility. See https://developer.mozilla.org/en-US/docs/Web/Privacy/Privacy_sandbox/Partitioned_cookies`)
* @return string the HTTP header
*/
public static function buildCookieHeader($name, $value = null, $expiryTime = 0, $path = null, $domain = null, $secureOnly = false, $httpOnly = false, $sameSiteRestriction = null) {
public static function buildCookieHeader($name, $value = null, $expiryTime = 0, $path = null, $domain = null, $secureOnly = false, $httpOnly = false, $sameSiteRestriction = null, $partitioned = null) {
if (self::isNameValid($name)) {
$name = (string) $name;
}
Expand Down Expand Up @@ -398,6 +419,10 @@ public static function buildCookieHeader($name, $value = null, $expiryTime = 0,
$headerStr .= '; SameSite=Strict';
}

if ($partitioned) {
$headerStr .= '; ' . self::PARTITIONED;
}

return $headerStr;
}

Expand Down Expand Up @@ -443,6 +468,9 @@ public static function parse($cookieHeader) {
elseif (\stripos($attribute, 'SameSite=') === 0) {
$cookie->setSameSiteRestriction(\substr($attribute, 9));
}
elseif (\stripos($attribute, 'Partitioned') === 0) {
$cookie->setPartitioned(true);
}
}
}

Expand Down
15 changes: 10 additions & 5 deletions tests/index.php
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -19,14 +19,18 @@
// start output buffering
\ob_start();

\testCookie(null);
\testCookie(false);
\testCookie('');
\testCookie(0);
try {
\testCookie(null);
\testCookie(false);
\testCookie('');
\testCookie(0);
\testCookie('hello', null);
} catch (\Throwable $e) {
echo $e->getMessage();
}
\testCookie('hello');
\testCookie('hello', false);
\testCookie('hello', true);
\testCookie('hello', null);
\testCookie('hello', '');
\testCookie('hello', 0);
\testCookie('hello', 1);
Expand Down Expand Up @@ -118,6 +122,7 @@
\testEqual((new \Delight\Cookie\Cookie('key'))->setValue('value')->setDomain('.www.example.com'), 'Set-Cookie: key=value; path=/; domain=.www.example.com; httponly; SameSite=Lax');
\testEqual((new \Delight\Cookie\Cookie('key'))->setValue('value')->setDomain('blog.example.com'), 'Set-Cookie: key=value; path=/; domain=.blog.example.com; httponly; SameSite=Lax');
\testEqual((new \Delight\Cookie\Cookie('key'))->setValue('value')->setDomain('.blog.example.com'), 'Set-Cookie: key=value; path=/; domain=.blog.example.com; httponly; SameSite=Lax');
\testEqual((new \Delight\Cookie\Cookie('SID'))->setValue('31d4d96e407aad42')->setSameSiteRestriction('Lax')->setSecureOnly(true)->setPartitioned(true), 'Set-Cookie: SID=31d4d96e407aad42; path=/; secure; httponly; SameSite=Lax; Partitioned');

\testEqual(\Delight\Cookie\Cookie::parse('Set-Cookie: SID'), '');
\testEqual(\Delight\Cookie\Cookie::parse('Set-Cookie: SID=31d4d96e407aad42'), 'Set-Cookie: SID=31d4d96e407aad42');
Expand Down