Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

[Security/Http] Allow setting cookie security settings for delete_cookies #36252

Merged
merged 1 commit into from Mar 30, 2020

Conversation

wouterj
Copy link
Member

@wouterj wouterj commented Mar 28, 2020

Q A
Branch? 3.4
Bug fix? yes
New feature? no
Deprecations? no
Tickets Fix #36243 (comment)
License MIT
Doc PR tbd

Similar to #36173 and #36175. This is needed for Chrome 80 compatibility.

My only question is whether we should introduce these specific settings, or somehow fetch them from framework.session?

@nicolas-grekas nicolas-grekas added this to the 3.4 milestone Mar 30, 2020
@nicolas-grekas nicolas-grekas changed the title [Security] Allow setting cookie security settings for delete_cookies [Security/Http] Allow setting cookie security settings for delete_cookies Mar 30, 2020
@nicolas-grekas nicolas-grekas force-pushed the security/samesite-cookie-clearer branch 4 times, most recently from ae1c7aa to 5e18563 Compare March 30, 2020 09:03
Copy link
Member

@nicolas-grekas nicolas-grekas left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

I fixed deps=low by updating the composer.json files.

@wouterj wouterj force-pushed the security/samesite-cookie-clearer branch from 5e18563 to a696d1f Compare March 30, 2020 10:38
@fabpot
Copy link
Member

fabpot commented Mar 30, 2020

Thank you @wouterj.

@fabpot fabpot merged commit b1d21af into symfony:3.4 Mar 30, 2020
@wouterj wouterj deleted the security/samesite-cookie-clearer branch March 30, 2020 12:10
This was referenced Mar 30, 2020
@fabpot fabpot mentioned this pull request Apr 28, 2020
fabpot added a commit that referenced this pull request Dec 22, 2021
This PR was merged into the 5.3 branch.

Discussion
----------

[Security/Http] Fix cookie clearing on logout

| Q             | A
| ------------- | ---
| Branch?       | 5.4
| Bug fix?      | yes
| New feature?  | no
| Deprecations? | no
| Tickets       | -
| License       | MIT
| Doc PR        | -

I think this was forgotten or a merge issue when the component was refactored :
- Original PR : #36252
- PR that added this file : #36243 (comment)

Commits
-------

d1aa32a [Security/Http] Fix cookie clearing on logout
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Projects
None yet
Development

Successfully merging this pull request may close these issues.

None yet

5 participants