PHP设置具有相同网站的会话Cookie [英] PHP setting a Session-Cookie with samesite

问题描述

我目前有一个PHP脚本，可按以下方式设置相同时间的cookie：

I currently have a PHP script that sets the sametime cookie as follows:

    session_set_cookie_params($cookie_timeout, $cookieParams["path"], $cookie_domain, $session_secure, $cookie_httponly);

我想通过添加一个额外的参数在上面的语句中添加samesite = Lax，其中（（$ cookie_samesite = Lax）

I want to add samesite="Lax" to the above statement by adding an extra parameter where ($cookie_samesite="Lax")

    session_set_cookie_params($cookie_timeout, $cookieParams["path"], $cookie_domain, $session_secure, $cookie_httponly, $cookie_samesite);

语句的新输出看起来像

1800，/， .vasports.com.au，1，1， Lax

1800, /, ".vasports.com.au", 1, 1, "Lax"

samesite参数的格式正确吗？

Is this the correct format for the samesite parameter?

注意：我尚未安装PHP7.3。因此，我无法正确测试。
而且我已将PHP doco称为 session_set_cookie_params。
我也检查了

NOTE: I do not have a PHP7.3 installed yet. Hence I can't test this properly. And I've referred to PHP doco for "session_set_cookie_params". I have also checked

PHP setcookie SameSite = Strict？

推荐答案

从PHP 7.3开始，您可以将一个选项数组放入set_cookie_params中，支持SameSite。

As of PHP 7.3 you can throw an options array into set_cookie_params that supports SameSite.

session_set_cookie_params([
    'lifetime' => $cookie_timeout,
    'path' => '/',
    'domain' => $cookie_domain,
    'secure' => $session_secure,
    'httponly' => $cookie_httponly,
    'samesite' => 'Lax'
]);

在PHP< 7.3上，您可以添加SameSite参数，并将其添加到路径参数中。 / p>

On PHP <7.3 you can add the SameSite parameter adding it in the "path" param.

session_set_cookie_params([
    'lifetime' => $cookie_timeout,
    'path' => '/;SameSite=none', // <-- this way!
    'domain' => $cookie_domain,
    'secure' => $session_secure,
    'httponly' => $cookie_httponly,
    'samesite' => 'Lax'
]);

这篇关于PHP设置具有相同网站的会话Cookie的文章就介绍到这了，希望我们推荐的答案对大家有所帮助，也希望大家多多支持IT屋！