X-Git-Url: https://yaffs.net/gitweb/?a=blobdiff_plain;f=vendor%2Fsymfony%2Fhttp-foundation%2FCookie.php;fp=vendor%2Fsymfony%2Fhttp-foundation%2FCookie.php;h=5ea881c6e367005cd5083f68f2f1e74c9ad984d2;hb=9917807b03b64faf00f6a1f29dcb6eafc454efa5;hp=91783a6ad2b509463a442eb9b7237031b7229889;hpb=aea91e65e895364e460983b890e295aa5d5540a5;p=yaffs-website

diff --git a/vendor/symfony/http-foundation/Cookie.php b/vendor/symfony/http-foundation/Cookie.php
index 91783a6ad..5ea881c6e 100644
--- a/vendor/symfony/http-foundation/Cookie.php
+++ b/vendor/symfony/http-foundation/Cookie.php
@@ -25,21 +25,28 @@ class Cookie
     protected $path;
     protected $secure;
     protected $httpOnly;
+    private $raw;
+    private $sameSite;
+
+    const SAMESITE_LAX = 'lax';
+    const SAMESITE_STRICT = 'strict';
 
     /**
      * Constructor.
      *
-     * @param string                                  $name     The name of the cookie
-     * @param string                                  $value    The value of the cookie
-     * @param int|string|\DateTime|\DateTimeInterface $expire   The time the cookie expires
-     * @param string                                  $path     The path on the server in which the cookie will be available on
-     * @param string                                  $domain   The domain that the cookie is available to
-     * @param bool                                    $secure   Whether the cookie should only be transmitted over a secure HTTPS connection from the client
-     * @param bool                                    $httpOnly Whether the cookie will be made accessible only through the HTTP protocol
+     * @param string                        $name     The name of the cookie
+     * @param string                        $value    The value of the cookie
+     * @param int|string|\DateTimeInterface $expire   The time the cookie expires
+     * @param string                        $path     The path on the server in which the cookie will be available on
+     * @param string                        $domain   The domain that the cookie is available to
+     * @param bool                          $secure   Whether the cookie should only be transmitted over a secure HTTPS connection from the client
+     * @param bool                          $httpOnly Whether the cookie will be made accessible only through the HTTP protocol
+     * @param bool                          $raw      Whether the cookie value should be sent with no url encoding
+     * @param string|null                   $sameSite Whether the cookie will be available for cross-site requests
      *
      * @throws \InvalidArgumentException
      */
-    public function __construct($name, $value = null, $expire = 0, $path = '/', $domain = null, $secure = false, $httpOnly = true)
+    public function __construct($name, $value = null, $expire = 0, $path = '/', $domain = null, $secure = false, $httpOnly = true, $raw = false, $sameSite = null)
     {
         // from PHP source code
         if (preg_match("/[=,; \t\r\n\013\014]/", $name)) {
@@ -51,7 +58,7 @@ class Cookie
         }
 
         // convert expiration time to a Unix timestamp
-        if ($expire instanceof \DateTime || $expire instanceof \DateTimeInterface) {
+        if ($expire instanceof \DateTimeInterface) {
             $expire = $expire->format('U');
         } elseif (!is_numeric($expire)) {
             $expire = strtotime($expire);
@@ -68,6 +75,17 @@ class Cookie
         $this->path = empty($path) ? '/' : $path;
         $this->secure = (bool) $secure;
         $this->httpOnly = (bool) $httpOnly;
+        $this->raw = (bool) $raw;
+
+        if (null !== $sameSite) {
+            $sameSite = strtolower($sameSite);
+        }
+
+        if (!in_array($sameSite, array(self::SAMESITE_LAX, self::SAMESITE_STRICT, null), true)) {
+            throw new \InvalidArgumentException('The "sameSite" parameter value is not valid.');
+        }
+
+        $this->sameSite = $sameSite;
     }
 
     /**
@@ -77,20 +95,20 @@ class Cookie
      */
     public function __toString()
     {
-        $str = urlencode($this->getName()).'=';
+        $str = ($this->isRaw() ? $this->getName() : urlencode($this->getName())).'=';
 
         if ('' === (string) $this->getValue()) {
             $str .= 'deleted; expires='.gmdate('D, d-M-Y H:i:s T', time() - 31536001);
         } else {
-            $str .= urlencode($this->getValue());
+            $str .= $this->isRaw() ? $this->getValue() : rawurlencode($this->getValue());
 
             if (0 !== $this->getExpiresTime()) {
                 $str .= '; expires='.gmdate('D, d-M-Y H:i:s T', $this->getExpiresTime());
             }
         }
 
-        if ($this->path) {
-            $str .= '; path='.$this->path;
+        if ($this->getPath()) {
+            $str .= '; path='.$this->getPath();
         }
 
         if ($this->getDomain()) {
@@ -105,6 +123,10 @@ class Cookie
             $str .= '; httponly';
         }
 
+        if (null !== $this->getSameSite()) {
+            $str .= '; samesite='.$this->getSameSite();
+        }
+
         return $str;
     }
 
@@ -121,7 +143,7 @@ class Cookie
     /**
      * Gets the value of the cookie.
      *
-     * @return string
+     * @return string|null
      */
     public function getValue()
     {
@@ -131,7 +153,7 @@ class Cookie
     /**
      * Gets the domain that the cookie is available to.
      *
-     * @return string
+     * @return string|null
      */
     public function getDomain()
     {
@@ -187,4 +209,24 @@ class Cookie
     {
         return $this->expire < time();
     }
+
+    /**
+     * Checks if the cookie value should be sent with no url encoding.
+     *
+     * @return bool
+     */
+    public function isRaw()
+    {
+        return $this->raw;
+    }
+
+    /**
+     * Gets the SameSite attribute.
+     *
+     * @return string|null
+     */
+    public function getSameSite()
+    {
+        return $this->sameSite;
+    }
 }