PMCORE-3467
@@ -874,8 +874,8 @@ class Light
|
||||
session_start();
|
||||
session_regenerate_id();
|
||||
|
||||
setcookie("workspaceSkin", SYS_SKIN, time() + (24 * 60 * 60), "/sys" . config("system.workspace"), null, G::is_https(),
|
||||
true);
|
||||
$cookieOptions = Bootstrap::buildCookieOptions(['expires' => time() + (24 * 60 * 60), 'path' => '/sys' . config('system.workspace'), 'httponly' => true]);
|
||||
setcookie('workspaceSkin', SYS_SKIN, $cookieOptions);
|
||||
|
||||
if (strlen($msg) > 0) {
|
||||
$_SESSION['G_MESSAGE'] = $msg;
|
||||
|
||||
@@ -86,6 +86,21 @@ class System
|
||||
'disable_task_manager_routing_async' => '0',
|
||||
'on_one_server_enable' => 0,
|
||||
'at_risk_delegation_max_time' => '0.2',
|
||||
'samesite_cookie_setting' => ''
|
||||
];
|
||||
|
||||
public static $cookieDefaultOptions = [
|
||||
'expires' => 0,
|
||||
'path' => '/',
|
||||
'domain' => '',
|
||||
'secure' => false,
|
||||
'httponly' => false,
|
||||
'samesite' => ''
|
||||
];
|
||||
|
||||
public static $cookieSameSiteValues = [
|
||||
'Lax',
|
||||
'Strict'
|
||||
];
|
||||
|
||||
/**
|
||||
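Review bot: `$cookieDefaultOptions` and `$cookieSameSiteValues` are declared as `public static` arrays, so any code in the process can rewrite the cookie defaults (for example flip `httponly` or inject a `samesite` value) before `buildCookieOptions()` reads them, and there is no way to spot that from the helper. Since both are fixed tables rather than configuration, they read better as class constants, e.g. `const COOKIE_DEFAULT_OPTIONS = [...]` and `const COOKIE_SAMESITE_VALUES = ['Lax', 'Strict'];`, referenced via `self::`. Leaving `'None'` out of the accepted values is reasonable because it would require `secure` to be forced on; a short comment such as `// 'None' is intentionally not accepted: it requires the Secure attribute` would stop a later maintainer from "completing" the list.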
@@ -1252,6 +1267,13 @@ class System
|
||||
$config['at_risk_delegation_max_time'] = self::$defaultConfig['at_risk_delegation_max_time'];
|
||||
}
|
||||
|
||||
$value = ucfirst(strtolower($config['samesite_cookie_setting']));
|
||||
if (in_array($value, self::$cookieSameSiteValues)) {
|
||||
$config['samesite_cookie_setting'] = $value;
|
||||
} else {
|
||||
$config['samesite_cookie_setting'] = '';
|
||||
}
|
||||
|
||||
return $config;
|
||||
}
|
||||
|
||||
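Review bot: The normalisation on the `$value = ucfirst(strtolower(...))` line assumes `$config['samesite_cookie_setting']` is always a string, but the value comes from the parsed configuration file and, depending on the parser, may be `null`, an integer or missing; `strtolower()` on a non-string is deprecated or a `TypeError` on current PHP. A defensive form is `$value = ucfirst(strtolower((string) ($config['samesite_cookie_setting'] ?? '')));` together with `in_array($value, self::$cookieSameSiteValues, true)` so the membership test is strict. Note also that an unrecognised setting silently falls back to `''`, i.e. no SameSite attribute at all; since that is the weakest outcome, logging the rejected value would make a typo in the configuration visible. The enclosing method starts outside the hunk.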
@@ -1778,4 +1800,29 @@ class System
|
||||
$parseDsn["pass"] = urldecode($parseDsn["pass"]);
|
||||
return $parseDsn;
|
||||
}
|
||||
|
||||
/**
|
||||
* Build the options for a cookie, according to the system configuration and values optionally sent to this method
|
||||
*
|
||||
* @param array $options
|
||||
* @return array
|
||||
*/
|
||||
public static function buildCookieOptions(array $options = [])
|
||||
{
|
||||
// Get system values
|
||||
$cookieOptions = self::$cookieDefaultOptions;
|
||||
$systemConfiguration = self::getSystemConfiguration();
|
||||
|
||||
// Always set "secure" option according to the server protocol
|
||||
$cookieOptions['secure'] = G::is_https();
|
||||
|
||||
// Set the "samesite" option according to the system configuration
|
||||
$cookieOptions['samesite'] = $systemConfiguration['samesite_cookie_setting'];
|
||||
|
||||
// Overrides the cookie options with the values sent to the method
|
||||
$cookieOptions = array_merge($cookieOptions, $options);
|
||||
|
||||
// Return the cookie options
|
||||
return $cookieOptions;
|
||||
}
|
||||
}
|
||||
|
||||
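Review bot: The `array_merge($cookieOptions, $options)` line lets callers override every system-derived value, including `secure` and `samesite`, which contradicts the comment `// Always set "secure" option according to the server protocol` two stanzas above it; the OAuth2 `Server` call site already uses this to pass `'secure' => false`. Either the docblock should state that caller values win over the system defaults for all keys, or the merge should protect `secure` (e.g. by merging `$options` first and re-applying `G::is_https()` after). Unknown keys in `$options` are also passed straight through, and `setcookie()` emits a warning for unrecognised option keys, so `array_intersect_key($options, self::$cookieDefaultOptions)` before the merge would filter those out. The `@param array $options` docblock would benefit from listing the accepted keys (`expires`, `path`, `domain`, `secure`, `httponly`, `samesite`).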
@@ -1,6 +1,7 @@
|
||||
<?php
|
||||
namespace ProcessMaker\Services\OAuth2;
|
||||
|
||||
use Bootstrap;
|
||||
use Luracast\Restler\iAuthenticate;
|
||||
use Luracast\Restler\RestException;
|
||||
use OAuth2\Request;
|
||||
@@ -367,7 +368,8 @@ class Server implements iAuthenticate
|
||||
$lifetime = 1440;
|
||||
}
|
||||
|
||||
setcookie($session->getSessionName(), $_COOKIE[$session->getSessionName()], time() + $lifetime, "/", null, false, true);
|
||||
$cookieOptions = Bootstrap::buildCookieOptions(['expires' => time() + $lifetime, 'secure' => false, 'httponly' => true]);
|
||||
setcookie($session->getSessionName(), $_COOKIE[$session->getSessionName()], $cookieOptions);
|
||||
}
|
||||
}
|
||||
|
||||
|
||||