[wp-trac] [WordPress Trac] #37000: Support for the SameSite cookie attribute

WordPress Trac noreply at wordpress.org
Mon Apr 29 11:19:12 UTC 2019


#37000: Support for the SameSite cookie attribute
-------------------------------------------------+-------------------------
 Reporter:  johnbillion                          |       Owner:  (none)
     Type:  enhancement                          |      Status:  new
 Priority:  normal                               |   Milestone:  5.3
Component:  Security                             |     Version:
 Severity:  normal                               |  Resolution:
 Keywords:  has-patch dev-feedback needs-        |     Focuses:
  refresh                                        |  administration
-------------------------------------------------+-------------------------

Comment (by ayeshrajans):

 I'd love to see this move forward too. Even though we commit to a more
 recent WordPress version, it wouldn't be PHP 7.3 right away, so for BC, we
 will need a polyfill.

 I worked on a quite small scale polyfill (https://github.com/Ayesh
 /WordPress-
 SameSite/blob/50705de58a598c46f1ddd70faf6ccce59877b0cc/samesite.php#L172-L188)
 at just 16 lines and a single function. This function doesn't try to be a
 complete poyfill, but is a rather auth-cookie exclusive one.

 I'd be happy to roll a patch with this smaller polyfill or the `delight-im
 /PHP-Cookie` package.

-- 
Ticket URL: <https://core.trac.wordpress.org/ticket/37000#comment:12>
WordPress Trac <https://core.trac.wordpress.org/>
WordPress publishing platform


More information about the wp-trac mailing list