From 3c75ae82d2e9a0d005137a17b2948ee9b1e1b401 Mon Sep 17 00:00:00 2001 From: michael Date: Wed, 20 May 2020 09:34:44 +0000 Subject: [PATCH] * Add support for SameSite attribute of cookie (bug ID 0037115) git-svn-id: trunk@45446 - --- packages/fcl-web/src/base/httpdefs.pp | 10 ++++++++++ packages/fcl-web/src/base/httpprotocol.pp | 1 + 2 files changed, 11 insertions(+) diff --git a/packages/fcl-web/src/base/httpdefs.pp b/packages/fcl-web/src/base/httpdefs.pp index acf65c7587..c8ccc143cd 100644 --- a/packages/fcl-web/src/base/httpdefs.pp +++ b/packages/fcl-web/src/base/httpdefs.pp @@ -97,6 +97,7 @@ const SCookiePath = httpProtocol.SCookiePath; SCookieSecure = httpProtocol.SCookieSecure; SCookieHttpOnly = httpProtocol.SCookieHttpOnly; + SCookieSameSite = httpProtocol.SCookieSameSite; HTTPMonths : array[1..12] of string[3] = ( 'Jan', 'Feb', 'Mar', 'Apr', @@ -148,11 +149,13 @@ type TRequest = Class; { TCookie } + TSameSite = (ssEmpty,ssNone,ssStrict,ssLax); TCookie = class(TCollectionItem) private FHttpOnly: Boolean; FName: string; + FSameSite: TSameSite; FValue: string; FPath: string; FDomain: string; @@ -171,6 +174,7 @@ type property Expires: TDateTime read FExpires write FExpires; property Secure: Boolean read FSecure write FSecure; property HttpOnly: Boolean read FHttpOnly write FHttpOnly; + property SameSite: TSameSite Read FSameSite Write FSameSite; Property AsString : String Read GetAsString; end; @@ -2317,6 +2321,10 @@ function TCookie.GetAsString: string; Result:=Result+';'+S; end; +Const + SSameSiteValues : Array[TSameSite] of string + = ('','None','Strict','Lax'); + Var Y,M,D : Word; @@ -2338,6 +2346,8 @@ begin AddToResult(SCookieHttpOnly); if FSecure then AddToResult(SCookieSecure); + if FSameSite<>ssEmpty then + AddToResult(SSameSiteValues[FSameSite]); except {$ifdef cgidebug} On E : Exception do diff --git a/packages/fcl-web/src/base/httpprotocol.pp b/packages/fcl-web/src/base/httpprotocol.pp index f8d60d0424..cb66d9afe8 100644 --- a/packages/fcl-web/src/base/httpprotocol.pp +++ b/packages/fcl-web/src/base/httpprotocol.pp @@ -87,6 +87,7 @@ Const SCookiePath = ' Path=%s'; SCookieSecure = ' Secure'; SCookieHttpOnly = ' HttpOnly'; + SCookieSameSite = ' SameSite'; HTTPMonths: array[1..12] of string[3] = ( 'Jan', 'Feb', 'Mar', 'Apr',