Drupal
/
drupal
mirror of https://git.drupalcode.org/project/drupal.git
1
0
Fork 0
Code Issues Projects Releases Wiki Activity

Issue #3284269 by mcdruid, poker10: Fix samesite attribute on Drupal.toolbar.collapsed and other similar cookies

merge-requests/3045/head
mcdruid 2022-11-18 15:31:24 +00:00
parent db31224872
commit 717bfd8208
6 changed files with 67 additions and 8 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

8
includes/bootstrap.inc
View File

@ -3949,6 +3949,14 @@ function drupal_setcookie($name, $value, $options) {
setcookie($name, $value, $options); setcookie($name, $value, $options);
} }
else { else {
$defaults = array(
'expires' => 0,
'path' => '',
'domain' => '',
'secure' => FALSE,
'httponly' => FALSE,
);
$options += $defaults;
setcookie($name, $value, $options['expires'], $options['path'], $options['domain'], $options['secure'], $options['httponly']); setcookie($name, $value, $options['expires'], $options['path'], $options['domain'], $options['secure'], $options['httponly']);
} }
} }

11
misc/tabledrag.js
View File

@ -165,7 +165,8 @@ Drupal.tableDrag.prototype.initColumns = function () {
// Set a cookie if it is not already present. // Set a cookie if it is not already present.
if ($.cookie('Drupal.tableDrag.showWeight') === null) { if ($.cookie('Drupal.tableDrag.showWeight') === null) {
$.cookie('Drupal.tableDrag.showWeight', 0, { $.cookie('Drupal.tableDrag.showWeight', 0, {
path: Drupal.settings.basePath, // Workaround lack of support for the SameSite attribute in jQuery Cookie.
path: Drupal.settings.basePath + '; SameSite=Lax',
// The cookie expires in one year. // The cookie expires in one year.
expires: 365 expires: 365
}); });
@ -197,9 +198,9 @@ Drupal.tableDrag.prototype.hideColumns = function () {
}); });
// Change link text. // Change link text.
$('.tabledrag-toggle-weight').text(Drupal.t('Show row weights')); $('.tabledrag-toggle-weight').text(Drupal.t('Show row weights'));
// Change cookie. // Change cookie (including workaround for SameSite attribute).
$.cookie('Drupal.tableDrag.showWeight', 0, { $.cookie('Drupal.tableDrag.showWeight', 0, {
path: Drupal.settings.basePath, path: Drupal.settings.basePath + '; SameSite=Lax',
// The cookie expires in one year. // The cookie expires in one year.
expires: 365 expires: 365
}); });
@ -222,9 +223,9 @@ Drupal.tableDrag.prototype.showColumns = function () {
}); });
// Change link text. // Change link text.
$('.tabledrag-toggle-weight').text(Drupal.t('Hide row weights')); $('.tabledrag-toggle-weight').text(Drupal.t('Hide row weights'));
// Change cookie. // Change cookie (including workaround for SameSite attribute).
$.cookie('Drupal.tableDrag.showWeight', 1, { $.cookie('Drupal.tableDrag.showWeight', 1, {
path: Drupal.settings.basePath, path: Drupal.settings.basePath + '; SameSite=Lax',
// The cookie expires in one year. // The cookie expires in one year.
expires: 365 expires: 365
}); });

1
modules/toolbar/toolbar.info
View File

@ -3,3 +3,4 @@ description = Provides a toolbar that shows the top-level administration menu it
core = 7.x core = 7.x
package = Core package = Core
version = VERSION version = VERSION
files[] = toolbar.test

6
modules/toolbar/toolbar.js
View File

@ -52,7 +52,8 @@ Drupal.toolbar.collapse = function() {
'Drupal.toolbar.collapsed', 'Drupal.toolbar.collapsed',
1, 1,
{ {
path: Drupal.settings.basePath, // Workaround lack of support for the SameSite attribute in jQuery Cookie.
path: Drupal.settings.basePath + '; SameSite=Lax',
// The cookie should "never" expire. // The cookie should "never" expire.
expires: 36500 expires: 36500
} }
@ -74,7 +75,8 @@ Drupal.toolbar.expand = function() {
'Drupal.toolbar.collapsed', 'Drupal.toolbar.collapsed',
0, 0,
{ {
path: Drupal.settings.basePath, // Workaround lack of support for the SameSite attribute in jQuery Cookie.
path: Drupal.settings.basePath + '; SameSite=Lax',
// The cookie should "never" expire. // The cookie should "never" expire.
expires: 36500 expires: 36500
} }

7
modules/toolbar/toolbar.module
View File

@ -70,7 +70,12 @@ function toolbar_menu() {
function toolbar_toggle_page() { function toolbar_toggle_page() {
global $base_path; global $base_path;
// Toggle the value in the cookie. // Toggle the value in the cookie.
setcookie('Drupal.toolbar.collapsed', !_toolbar_is_collapsed(), NULL, $base_path); drupal_setcookie('Drupal.toolbar.collapsed', !_toolbar_is_collapsed(),
array(
'samesite' => 'Lax',
'path' => $base_path,
)
);
// Redirect the user from where he used the toggle element. // Redirect the user from where he used the toggle element.
drupal_goto(); drupal_goto();
} }

42
modules/toolbar/toolbar.test Normal file
View File

@ -0,0 +1,42 @@
<?php
class ToolbarTestCase extends DrupalWebTestCase {
protected $admin_user;
public static function getInfo() {
return array(
'name' => 'Toolbar',
'description' => 'Test toolbar functionality.',
'group' => 'Toolbar (core)',
);
}
function setUp() {
parent::setUp();
// Setup users.
$this->admin_user = $this->drupalCreateUser(array('access toolbar'));
$this->drupalLogin($this->admin_user);
}
/**
* Tests toggling the toolbar collapsed cookie.
*/
function testToolbarCollapsedCookie() {
$this->drupalGet('toolbar/toggle');
$set_cookie = $this->drupalGetHeader('set-cookie', TRUE);
$this->assertTrue((strpos('Drupal.toolbar.collapsed=1; path=/; SameSite=Lax', $set_cookie) !== FALSE), 'Toolbar cookie set to collapsed by default.');
// The next request should toggle the toolbar.collapsed cookie to off.
$this->drupalGet('toolbar/toggle');
$set_cookie = $this->drupalGetHeader('set-cookie', TRUE);
$this->assertTrue((bool) preg_match('#Drupal.toolbar.collapsed=deleted; expires=Thu, 01.Jan.1970 00:00:01 GMT;( Max-Age=0;)? path=\/; SameSite=Lax#', $set_cookie), 'Toolbar cookie toggled to off (deleted).');
// The next request should toggle the toolbar.collapsed cookie back to 1.
$this->drupalGet('toolbar/toggle');
$set_cookie = $this->drupalGetHeader('set-cookie', TRUE);
$this->assertTrue((strpos('Drupal.toolbar.collapsed=1; path=/; SameSite=Lax', $set_cookie) !== FALSE), 'Toolbar cookie toggled to 1.');
}
}