8000 [HttpFoundation] Fix cookie to string conversion for raw cookies by ro0NL · Pull Request #20910 · symfony/symfony · GitHub
[go: up one dir, main page]
Skip to content

[HttpFoundation] Fix cookie to string conversion for raw cookies #20910

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Closed
wants to merge 3 commits into from
Closed

[HttpFoundation] Fix cookie to string conversion for raw cookies #20910

Show file tree
Hide file tree
Changes from 1 commit
Commits
Show all changes
3 commits
Select commit Hold shift + click to select a range
adbbed2
[HttpFoundation] Fix cookie to string conversion for raw cookies
ro0NL Dec 13, 2016
ce60d0d
Update Cookie.php
ro0NL Dec 13, 2016
0a8e77a
Update CookieTest.php
ro0NL Dec 13, 2016
File filter

Filter by extension

Filter by extension
Conversations
Failed to load comments.
Loading
Jump to
Jump to file
Failed to load files.
Loading
Diff view
Diff view
Next Next commit
[HttpFoundation] Fix cookie to string conversion for raw cookies
  • Loading branch information
@ro0NL
ro0NL committed Dec 13, 2016
commit adbbed28fbdce8e25cbe6ee5bd835be0e48b066b
12 changes: 5 additions & 7 deletions src/Symfony/Component/HttpFoundation/Cookie.php
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -80,21 +80,19 @@ public function __construct($name, $value = null, $expire = 0, $path = '/', $dom
*/
public function __toString()
{
$str = urlencode($this->getName()).'=';
$str = ($this->isRaw() ? $this->getName() : urlencode($this->getName())).'=';

if ('' === (string) $this->getValue()) {
$str .= 'deleted; expires='.gmdate('D, d-M-Y H:i:s T', time() - 31536001);
} else {
$str .= urlencode($this->getValue());
$str .= $this->isRaw() ? $this->getValue() : urlencode($this->getValue());

if ($this->getExpiresTime() !== 0) {
$str .= '; expires='.gmdate('D, d-M-Y H:i:s T', $this->getExpiresTime());
}
}

if 8000 ($this->path) {
$str .= '; path='.$this->path;
}
$str .= '; path='.$this->getPath() ?: '/';
Copy link
Contributor Author
@ro0NL ro0NL Dec 13, 2016
edited
Loading

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

See #20569 (comment) for my reasoning behind this. Im also fine with if ($this->getPath()) { ... } in case the user breaks the contract from a subclass.

Copy link
Member

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

I prefer to keep the condition to keep the payload small (I know that path= / is not that long, but as this is optional, let's do it that way).

Copy link
Contributor Author

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

< 8000 div class="comment-body markdown-body js-comment-body soft-wrap css-overflow-wrap-anywhere user-select-contain d-block">

Agree. However source of the problem is https://github.com/symfony/symfony/pull/20910/files#diff-a1e299c557d5ff5fde6fa480eab85d47R70

If it's truly optional (and it is :)) symfony should make no assumptions on empty values. Imo. passing $path=null, $path='', $path='/' should all behave as expected, respectively; <no-path>, path=;, path=/;

Perhaps something to look into later on. For now ill put back the condition 👍
Copy link
Contributor Author

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Updated.


if ($this->getDomain()) {
$str .= '; domain='.$this->getDomain();
Expand Down Expand Up @@ -124,7 +122,7 @@ public function getName()
/**
* Gets the value of the cookie.
*
* @return string
* @return string|null
*/
public function getValue()
{
Expand All @@ -134,7 +132,7 @@ public function getValue()
/**
* Gets the domain that the cookie is available to.
*
* @return string
* @return string|null
*/
public function getDomain()
{
Expand Down
6 changes: 4 additions & 2 deletions src/Symfony/Component/HttpFoundation/Tests/CookieTest.php
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -154,10 +154,12 @@ public function testToString()

public function testRawCookie()
{
$cookie = new Cookie('foo', 'bar', 3600, '/', '.myfoodomain.com', false, true);
$cookie = new Cookie('foo', 'b a r', 3600, '/', '.myfoodomain.com', false, true);
$this->assertFalse($cookie->isRaw());
$this->assertEquals('foo=b+a+r; expires=Thu, 01-Jan-1970 01:00:00 GMT; path=/; domain=.myfoodomain.com; httponly', (string) $cookie);

$cookie = new Cookie('foo', 'bar', 3600, '/', '.myfoodomain.com', false, true, true);
$cookie = new Cookie('foo', 'b+a+r', 3600, '/', '.myfoodomain.com', false, true, true);
$this->assertTrue($cookie->isRaw());
$this->assertEquals('foo=b+a+r; expires=Thu, 01-Jan-1970 01:00:00 GMT; path=/; domain=.myfoodomain.com; httponly', (string) $cookie);
}
}
0