php.net |  support |  documentation |  report a bug |  advanced search |  search howto |  statistics |  random bug |  login
Request #73454 Add INI session.cookie_samesite
Submitted: 2016-11-03 16:04 UTC Modified: 2018-10-31 14:02 UTC
Votes:16
Avg. Score:4.5 ± 0.9
Reproduced:13 of 13 (100.0%)
Same Version:5 (38.5%)
Same OS:5 (38.5%)
From: love at sickpeople dot se Assigned: cmb (profile)
Status: Closed Package: Session related
PHP Version: Next Minor Version OS:
Private report: No CVE-ID: None
View Add Comment Developer Edit
Welcome! If you don't have a Git account, you can't do anything here.
You can add a comment by following this link or if you reported this bug, you can edit this bug over here.
(description)
Block user comment
Status: Assign to:
Package:
Bug Type:
Summary:
From: love at sickpeople dot se
New email:
PHP Version: OS:

 

 [2016-11-03 16:04 UTC] love at sickpeople dot se
Description:
------------
Add an INI for configuring the SameSite flag on cookies set by Session.

See also https://bugs.php.net/bug.php?id=72230 for adding this flag to setcookie().

Update to RFC 6265 regarding SameSite (draft): https://tools.ietf.org/html/draft-ietf-httpbis-cookie-same-site-00

SameSite is currently supported by Chrome and Opera: http://caniuse.com/#feat=same-site-cookie-attribute


Patches

Add a Patch

Pull Requests

Add a Pull Request

History

AllCommentsChangesGit/SVN commitsRelated reports
 [2017-09-14 17:50 UTC] cmb@php.net
Note that there is already a respective RFC (targetting PHP 7.3.0)
in voting phase: <https://wiki.php.net/rfc/same-site-cookie>.
 [2018-10-31 14:02 UTC] cmb@php.net
-Status: Open +Status: Closed -Assigned To: +Assigned To: cmb
 [2018-10-31 14:02 UTC] cmb@php.net
The mentioned RFC has been accepted and implemented, so this
ticket can be closed.
 
PHP Copyright © 2001-2024 The PHP Group
All rights reserved.
Last updated: Thu Mar 28 14:01:29 2024 UTC