[donate/master] Fixes for captcha problems across sites - tor-commits

11 May 2021

commit 3b8bee796ca232e27f024eb9be0c303ae2b10098
Author: Peter Haight peterh@giantrabbit.com
Date:   Fri Sep 11 11:58:11 2020 -0700
Fixes for captcha problems across sites
Chrome defaults to not sharing cookies across site unless you set
    SameSite=None and you also need to set Secure and HttpOnly or it won't
    let you set SameSite=None.
Issue #47134
---
 public/index.php | 8 ++++++++
 1 file changed, 8 insertions(+)

diff --git a/public/index.php b/public/index.php
index 2784ee00..882cbbfb 100644
--- a/public/index.php
+++ b/public/index.php
@@ -11,6 +11,14 @@ if (PHP_SAPI == 'cli-server') {
require __DIR__ . '/../vendor/autoload.php';
+$cookie_params = session_get_cookie_params();
+$cookie_params['httponly'] = TRUE;
+$cookie_params['samesite'] = 'None';
+$cookie_params['secure'] = TRUE;
+$result = session_set_cookie_params($cookie_params);
+if ($result !== TRUE) {
+  throw new Exception("Error setting cookie params to: " . print_r($cookie_params, TRUE) . ": " . print_r(error_get_last(), TRUE));
+}
 session_start();
// Instantiate the app

    