mirror of
https://github.com/php/php-src.git
synced 2024-09-21 09:57:23 +00:00
Fixed GH-9200: setcookie has an obsolete expires date format
This commit is contained in:
parent
9dc6ee995f
commit
15e3fcb468
1
NEWS
1
NEWS
@ -25,6 +25,7 @@ PHP NEWS
|
||||
|
||||
- Standard:
|
||||
. Fixed bug #65489 (glob() basedir check is inconsistent). (Jakub Zelenka)
|
||||
. Fixed GH-9200 (setcookie has an obsolete expires date format). (Derick)
|
||||
. Fixed GH-9244 (Segfault with array_multisort + array_shift). (cmb)
|
||||
|
||||
04 Aug 2022, PHP 8.2.0beta2
|
||||
|
@ -118,7 +118,7 @@ PHPAPI zend_result php_setcookie(zend_string *name, zend_string *value, time_t e
|
||||
* so in order to force cookies to be deleted, even on MSIE, we
|
||||
* pick an expiry date in the past
|
||||
*/
|
||||
dt = php_format_date("D, d-M-Y H:i:s T", sizeof("D, d-M-Y H:i:s T")-1, 1, 0);
|
||||
dt = php_format_date("D, d M Y H:i:s \\G\\M\\T", sizeof("D, d M Y H:i:s \\G\\M\\T")-1, 1, 0);
|
||||
smart_str_appends(&buf, "Set-Cookie: ");
|
||||
smart_str_append(&buf, name);
|
||||
smart_str_appends(&buf, "=deleted; expires=");
|
||||
@ -137,14 +137,12 @@ PHPAPI zend_result php_setcookie(zend_string *name, zend_string *value, time_t e
|
||||
smart_str_append(&buf, value);
|
||||
}
|
||||
if (expires > 0) {
|
||||
const char *p;
|
||||
double diff;
|
||||
|
||||
smart_str_appends(&buf, COOKIE_EXPIRES);
|
||||
dt = php_format_date("D, d-M-Y H:i:s T", sizeof("D, d-M-Y H:i:s T")-1, expires, 0);
|
||||
dt = php_format_date("D, d M Y H:i:s \\G\\M\\T", sizeof("D, d M Y H:i:s \\G\\M\\T")-1, expires, 0);
|
||||
/* check to make sure that the year does not exceed 4 digits in length */
|
||||
p = zend_memrchr(ZSTR_VAL(dt), '-', ZSTR_LEN(dt));
|
||||
if (!p || *(p + 5) != ' ') {
|
||||
if (php_idate('Y', expires, 0) > 9999) {
|
||||
zend_string_free(dt);
|
||||
smart_str_free(&buf);
|
||||
zend_value_error("%s(): \"expires\" option cannot have a year greater than 9999",
|
||||
|
@ -11,4 +11,4 @@ setcookie("name", "value", $date);
|
||||
?>
|
||||
--EXPECT--
|
||||
--EXPECTHEADERS--
|
||||
Set-Cookie: name=value; expires=Sat, 01-Apr-2017 12:25:39 GMT; Max-Age=0
|
||||
Set-Cookie: name=value; expires=Sat, 01 Apr 2017 12:25:39 GMT; Max-Age=0
|
||||
|
@ -21,20 +21,20 @@ setcookie('name', 'value', ['expires' => $tsp]);
|
||||
setcookie('name', 'value', ['expires' => $tsn, 'path' => '/path/', 'domain' => 'domain.tld', 'secure' => true, 'httponly' => true, 'samesite' => 'Strict']);
|
||||
|
||||
$expected = array(
|
||||
'Set-Cookie: name=deleted; expires='.date('D, d-M-Y H:i:s', 1).' GMT; Max-Age=0',
|
||||
'Set-Cookie: name=deleted; expires='.date('D, d-M-Y H:i:s', 1).' GMT; Max-Age=0',
|
||||
'Set-Cookie: name=deleted; expires='.date('D, d M Y H:i:s', 1).' GMT; Max-Age=0',
|
||||
'Set-Cookie: name=deleted; expires='.date('D, d M Y H:i:s', 1).' GMT; Max-Age=0',
|
||||
'Set-Cookie: name=value',
|
||||
'Set-Cookie: name=space%20value',
|
||||
'Set-Cookie: name=value',
|
||||
'Set-Cookie: name=value; expires='.date('D, d-M-Y H:i:s', $tsp).' GMT; Max-Age=5',
|
||||
'Set-Cookie: name=value; expires='.date('D, d-M-Y H:i:s', $tsn).' GMT; Max-Age=0',
|
||||
'Set-Cookie: name=value; expires='.date('D, d-M-Y H:i:s', $tsc).' GMT; Max-Age=0',
|
||||
'Set-Cookie: name=value; expires='.date('D, d M Y H:i:s', $tsp).' GMT; Max-Age=5',
|
||||
'Set-Cookie: name=value; expires='.date('D, d M Y H:i:s', $tsn).' GMT; Max-Age=0',
|
||||
'Set-Cookie: name=value; expires='.date('D, d M Y H:i:s', $tsc).' GMT; Max-Age=0',
|
||||
'Set-Cookie: name=value; path=/path/',
|
||||
'Set-Cookie: name=value; domain=domain.tld',
|
||||
'Set-Cookie: name=value; secure',
|
||||
'Set-Cookie: name=value; HttpOnly',
|
||||
'Set-Cookie: name=value; expires='.date('D, d-M-Y H:i:s', $tsp).' GMT; Max-Age=5',
|
||||
'Set-Cookie: name=value; expires='.date('D, d-M-Y H:i:s', $tsn).' GMT; Max-Age=0; path=/path/; domain=domain.tld; secure; HttpOnly; SameSite=Strict'
|
||||
'Set-Cookie: name=value; expires='.date('D, d M Y H:i:s', $tsp).' GMT; Max-Age=5',
|
||||
'Set-Cookie: name=value; expires='.date('D, d M Y H:i:s', $tsn).' GMT; Max-Age=0; path=/path/; domain=domain.tld; secure; HttpOnly; SameSite=Strict'
|
||||
);
|
||||
|
||||
$headers = headers_list();
|
||||
|
Loading…
Reference in New Issue
Block a user