SameSite=None; Secure Cookie Settings

Discuss general development subjects that are not specific to a particular version like the versioning control system we use or other infrastructure.
Post Reply
janus
Registered User
Posts: 28
Joined: Thu Nov 26, 2015 1:06 pm

SameSite=None; Secure Cookie Settings

Post by janus »

Any plans to make phpbb ready for SameSite=None; Secure Cookie Settings?
https://www.smarthostingplans.com/uncat ... -settings/

I understand the only thing to change is:
Open: [ROOT]/phpbb/session.php
Find

Code: Select all

header('Set-Cookie: ' . $name_data . (($cookietime) ? '; expires=' . $expire : '') . '; path=' . $config['cookie_path'] . $domain . ((!$config['cookie_secure']) ? '' : '; secure') . ';' . (($httponly) ? ' HttpOnly' : ''), false);
Replace with

Code: Select all

header('Set-Cookie: ' . $name_data . (($cookietime) ? '; expires=' . $expire : '') . '; path=' . $config['cookie_path'] . $domain . ((!$config['cookie_secure']) ? '' : '; secure') . ';' . (($httponly) ? ' HttpOnly' : '') . '; SameSite=Strict', false);
User avatar
3Di
Registered User
Posts: 873
Joined: Tue Nov 01, 2005 9:50 pm
Location: Milano (I) Frankfurt (D)
Contact:

Re: SameSite=None; Secure Cookie Settings

Post by 3Di »

At a first glance that hack is wrongly coded IMO.
Moreover, there will be a bit more to do in case it gets implemented, you could open a ticket and let someone take care of it eventually.
Please PM me only to request paid works. Thx.
Want to compensate me for my interest? Donate
My development's activity º PhpStorm's proud user
Extensions, Scripts, MOD porting, Update/Upgrades
👨‍🏫 | Take a tour to | The Studio | 👨‍🏫
Post Reply