[donate/master] Fixes for captcha problems across sites
commit 3b8bee796ca232e27f024eb9be0c303ae2b10098 Author: Peter Haight <peterh@giantrabbit.com> Date: Fri Sep 11 11:58:11 2020 -0700 Fixes for captcha problems across sites Chrome defaults to not sharing cookies across site unless you set SameSite=None and you also need to set Secure and HttpOnly or it won't let you set SameSite=None. Issue #47134 --- public/index.php | 8 ++++++++ 1 file changed, 8 insertions(+) diff --git a/public/index.php b/public/index.php index 2784ee00..882cbbfb 100644 --- a/public/index.php +++ b/public/index.php @@ -11,6 +11,14 @@ if (PHP_SAPI == 'cli-server') { require __DIR__ . '/../vendor/autoload.php'; +$cookie_params = session_get_cookie_params(); +$cookie_params['httponly'] = TRUE; +$cookie_params['samesite'] = 'None'; +$cookie_params['secure'] = TRUE; +$result = session_set_cookie_params($cookie_params); +if ($result !== TRUE) { + throw new Exception("Error setting cookie params to: " . print_r($cookie_params, TRUE) . ": " . print_r(error_get_last(), TRUE)); +} session_start(); // Instantiate the app
participants (1)
-
peterh@torproject.org