Browse Source

Merge branch 'httponly-cookies' of https://github.com/mj/php-src

pull/697/head
Andrea Faulds 12 years ago
parent
commit
2b5d25d1fc
  1. 11
      ext/session/session.c
  2. 12
      ext/standard/head.c
  3. 7
      ext/standard/head.h
  4. 2
      ext/standard/tests/network/setcookie.phpt

11
ext/session/session.c

@ -51,6 +51,7 @@
#include "ext/standard/php_smart_str.h"
#include "ext/standard/url.h"
#include "ext/standard/basic_functions.h"
#include "ext/standard/head.h"
#include "mod_files.h"
#include "mod_user.h"
@ -1289,14 +1290,6 @@ static int php_session_cache_limiter(TSRMLS_D) /* {{{ */
* Cookie Management *
********************* */
#define COOKIE_SET_COOKIE "Set-Cookie: "
#define COOKIE_EXPIRES "; expires="
#define COOKIE_MAX_AGE "; Max-Age="
#define COOKIE_PATH "; path="
#define COOKIE_DOMAIN "; domain="
#define COOKIE_SECURE "; secure"
#define COOKIE_HTTPONLY "; HttpOnly"
/*
* Remove already sent session ID cookie.
* It must be directly removed from SG(sapi_header) because sapi_add_header_ex()
@ -1362,7 +1355,7 @@ static void php_session_send_cookie(TSRMLS_D) /* {{{ */
e_session_name = php_url_encode(PS(session_name), strlen(PS(session_name)), NULL);
e_id = php_url_encode(PS(id), strlen(PS(id)), NULL);
smart_str_appends(&ncookie, COOKIE_SET_COOKIE);
smart_str_appends(&ncookie, "Set-Cookie: ");
smart_str_appends(&ncookie, e_session_name);
smart_str_appendc(&ncookie, '=');
smart_str_appends(&ncookie, e_id);

12
ext/standard/head.c

@ -124,7 +124,7 @@ PHPAPI int php_setcookie(char *name, int name_len, char *value, int value_len, t
if (expires > 0) {
const char *p;
char tsdelta[13];
strlcat(cookie, "; expires=", len + 100);
strlcat(cookie, COOKIE_EXPIRES, len + 100);
dt = php_format_date("D, d-M-Y H:i:s T", sizeof("D, d-M-Y H:i:s T")-1, expires, 0 TSRMLS_CC);
/* check to make sure that the year does not exceed 4 digits in length */
p = zend_memrchr(dt, '-', strlen(dt));
@ -139,7 +139,7 @@ PHPAPI int php_setcookie(char *name, int name_len, char *value, int value_len, t
efree(dt);
snprintf(tsdelta, sizeof(tsdelta), "%li", (long) difftime(expires, time(NULL)));
strlcat(cookie, "; Max-Age=", len + 100);
strlcat(cookie, COOKIE_MAX_AGE, len + 100);
strlcat(cookie, tsdelta, len + 100);
}
}
@ -149,18 +149,18 @@ PHPAPI int php_setcookie(char *name, int name_len, char *value, int value_len, t
}
if (path && path_len > 0) {
strlcat(cookie, "; path=", len + 100);
strlcat(cookie, COOKIE_PATH, len + 100);
strlcat(cookie, path, len + 100);
}
if (domain && domain_len > 0) {
strlcat(cookie, "; domain=", len + 100);
strlcat(cookie, COOKIE_DOMAIN, len + 100);
strlcat(cookie, domain, len + 100);
}
if (secure) {
strlcat(cookie, "; secure", len + 100);
strlcat(cookie, COOKIE_SECURE, len + 100);
}
if (httponly) {
strlcat(cookie, "; httponly", len + 100);
strlcat(cookie, COOKIE_HTTPONLY, len + 100);
}
ctr.line = cookie;

7
ext/standard/head.h

@ -21,6 +21,13 @@
#ifndef HEAD_H
#define HEAD_H
#define COOKIE_EXPIRES "; expires="
#define COOKIE_MAX_AGE "; Max-Age="
#define COOKIE_DOMAIN "; domain="
#define COOKIE_PATH "; path="
#define COOKIE_SECURE "; secure"
#define COOKIE_HTTPONLY "; HttpOnly"
extern PHP_RINIT_FUNCTION(head);
PHP_FUNCTION(header);
PHP_FUNCTION(header_remove);

2
ext/standard/tests/network/setcookie.phpt

@ -29,7 +29,7 @@ $expected = array(
'Set-Cookie: name=value; path=/path/',
'Set-Cookie: name=value; domain=domain.tld',
'Set-Cookie: name=value; secure',
'Set-Cookie: name=value; httponly'
'Set-Cookie: name=value; HttpOnly'
);
$headers = headers_list();

Loading…
Cancel
Save