Originally Posted by
dbltoe
Yes that's the post I referred to. Although the code is slightly different in the v1.57a release, being:
Code:
//session_set_cookie_params(0, $path, (zen_not_null($cookieDomain) ? $domainPrefix . $cookieDomain : ''), $secureFlag, TRUE);
$samesite = (defined('COOKIE_SAMESITE')) ? COOKIE_SAMESITE : 'lax';
if (!in_array($samesite, array('lax', 'strict', 'none'))) $samesite = 'lax';
if (PHP_VERSION_ID < 70300) {
session_set_cookie_params(0, $path .'; samesite='.$samesite, (zen_not_null($cookieDomain) ? $domainPrefix . $cookieDomain : ''), $secureFlag, TRUE);
} else {
session_set_cookie_params(array(
'lifetime' => 0,
'path' => $path,
'domain' => (zen_not_null($cookieDomain) ? $domainPrefix . $cookieDomain : ''),
'secure' => $secureFlag,
'httponly' => TRUE,
'samesite' => $samesite
));
} else {
session_set_cookie_params(0, $path, (zen_not_null($cookieDomain) ? $domainPrefix . $cookieDomain : ''), $secureFlag, true);
ini_set('session.cookie_samesite', $samesite);
}
Bookmarks