[Author Prev][Author Next][Thread Prev][Thread Next][Author Index][Thread Index]

[tor-commits] [donate/master] Fixes for captcha problems across sites



commit 3b8bee796ca232e27f024eb9be0c303ae2b10098
Author: Peter Haight <peterh@xxxxxxxxxxxxxxx>
Date:   Fri Sep 11 11:58:11 2020 -0700

    Fixes for captcha problems across sites
    
    Chrome defaults to not sharing cookies across site unless you set
    SameSite=None and you also need to set Secure and HttpOnly or it won't
    let you set SameSite=None.
    
    Issue #47134
---
 public/index.php | 8 ++++++++
 1 file changed, 8 insertions(+)

diff --git a/public/index.php b/public/index.php
index 2784ee00..882cbbfb 100644
--- a/public/index.php
+++ b/public/index.php
@@ -11,6 +11,14 @@ if (PHP_SAPI == 'cli-server') {
 
 require __DIR__ . '/../vendor/autoload.php';
 
+$cookie_params = session_get_cookie_params();
+$cookie_params['httponly'] = TRUE;
+$cookie_params['samesite'] = 'None';
+$cookie_params['secure'] = TRUE;
+$result = session_set_cookie_params($cookie_params);
+if ($result !== TRUE) {
+  throw new Exception("Error setting cookie params to: " . print_r($cookie_params, TRUE) . ": " . print_r(error_get_last(), TRUE));
+}
 session_start();
 
 // Instantiate the app



_______________________________________________
tor-commits mailing list
tor-commits@xxxxxxxxxxxxxxxxxxxx
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-commits