Include SameSite attribute on cookies.
This commit is contained in:
parent
bd3e055323
commit
5a70e3f3f1
3 changed files with 37 additions and 16 deletions
|
@ -62,20 +62,26 @@
|
||||||
});
|
});
|
||||||
};
|
};
|
||||||
|
|
||||||
MszSakuya.trackElements($qa('time'));
|
try {
|
||||||
hljs.highlightAll();
|
MszSakuya.trackElements($qa('time'));
|
||||||
|
hljs.highlightAll();
|
||||||
|
|
||||||
MszEmbed.init(`${location.protocol}//uiharu.${location.host}`);
|
MszEmbed.init(`${location.protocol}//uiharu.${location.host}`);
|
||||||
|
|
||||||
// only used by the forum posting form
|
// only used by the forum posting form
|
||||||
initQuickSubmit();
|
initQuickSubmit();
|
||||||
MszForumEditor($q('.js-forum-posting'));
|
const forumPostingForm = $q('.js-forum-posting');
|
||||||
|
if(forumPostingForm !== null)
|
||||||
|
MszForumEditor(forumPostingForm);
|
||||||
|
|
||||||
const events = new MszSeasonalEvents;
|
const events = new MszSeasonalEvents;
|
||||||
events.add(new MszChristmas2019EventInfo);
|
events.add(new MszChristmas2019EventInfo);
|
||||||
events.dispatch();
|
events.dispatch();
|
||||||
|
|
||||||
await initLoginPage();
|
await initLoginPage();
|
||||||
|
|
||||||
MszEmbed.handle($qa('.js-msz-embed-media'));
|
MszEmbed.handle($qa('.js-msz-embed-media'));
|
||||||
|
} catch(ex) {
|
||||||
|
console.error(ex);
|
||||||
|
}
|
||||||
})();
|
})();
|
||||||
|
|
|
@ -20,8 +20,8 @@ define('MSZ_ASSETS', MSZ_ROOT . '/assets');
|
||||||
require_once MSZ_ROOT . '/vendor/autoload.php';
|
require_once MSZ_ROOT . '/vendor/autoload.php';
|
||||||
|
|
||||||
Environment::setDebug(MSZ_DEBUG);
|
Environment::setDebug(MSZ_DEBUG);
|
||||||
mb_internal_encoding('utf-8');
|
mb_internal_encoding('UTF-8');
|
||||||
date_default_timezone_set('utc');
|
date_default_timezone_set('UTC');
|
||||||
|
|
||||||
$cfg = SharpConfig::fromFile(MSZ_CONFIG . '/config.cfg');
|
$cfg = SharpConfig::fromFile(MSZ_CONFIG . '/config.cfg');
|
||||||
|
|
||||||
|
|
|
@ -1,8 +1,9 @@
|
||||||
<?php
|
<?php
|
||||||
namespace Misuzu\Auth;
|
namespace Misuzu\Auth;
|
||||||
|
|
||||||
// is this the right way to do this?
|
use DateTimeImmutable;
|
||||||
|
|
||||||
|
// is this the right way to do this?
|
||||||
final class AuthTokenCookie {
|
final class AuthTokenCookie {
|
||||||
public static function domain(): string {
|
public static function domain(): string {
|
||||||
$url = parse_url($_SERVER['HTTP_HOST'], PHP_URL_HOST);
|
$url = parse_url($_SERVER['HTTP_HOST'], PHP_URL_HOST);
|
||||||
|
@ -16,10 +17,24 @@ final class AuthTokenCookie {
|
||||||
}
|
}
|
||||||
|
|
||||||
public static function apply(string $packed): void {
|
public static function apply(string $packed): void {
|
||||||
setcookie('msz_auth', $packed, strtotime('+3 months'), '/', self::domain(), !empty($_SERVER['HTTPS']), true);
|
$now = new DateTimeImmutable('now');
|
||||||
|
$threeMonths = $now->modify('+3 months');
|
||||||
|
|
||||||
|
header(sprintf(
|
||||||
|
'Set-Cookie: msz_auth=%s; Expires=%s; Max-Age=%d; Domain=%s; Path=/; SameSite=Lax; HttpOnly;%s',
|
||||||
|
$packed,
|
||||||
|
$threeMonths->format('D, d M Y H:i:s e'),
|
||||||
|
$threeMonths->getTimestamp() - $now->getTimestamp(),
|
||||||
|
self::domain(),
|
||||||
|
filter_has_var(INPUT_SERVER, 'HTTPS') ? ' Secure' : ''
|
||||||
|
));
|
||||||
}
|
}
|
||||||
|
|
||||||
public static function nuke(): void {
|
public static function nuke(): void {
|
||||||
setcookie('msz_auth', '', -9001, '/', self::domain(), !empty($_SERVER['HTTPS']), true);
|
header(sprintf(
|
||||||
|
'Set-Cookie: msz_auth=; Expires=Wed, 31 Dec 1969 21:29:59 UTC; Max-Age=-9001; Domain=%s; Path=/; SameSite=Lax; HttpOnly;%s',
|
||||||
|
self::domain(),
|
||||||
|
filter_has_var(INPUT_SERVER, 'HTTPS') ? ' Secure' : ''
|
||||||
|
));
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
|
|
Loading…
Reference in a new issue