Fix case sensitive sameSite cookie

CODIQ-BV · Jul 20, 2017 · 107b7e6 · 107b7e6
1 parent 77b2cf7
commit 107b7e6
Show file tree

Hide file tree

Showing 2 changed files with 10 additions and 0 deletions.
diff --git a/Cookie.php b/Cookie.php
@@ -77,6 +77,10 @@ public function __construct($name, $value = null, $expire = 0, $path = '/', $dom
         $this->httpOnly = (bool) $httpOnly;
         $this->raw = (bool) $raw;
 
+        if (null !== $sameSite) {
+            $sameSite = strtolower($sameSite);
+        }
+
         if (!in_array($sameSite, array(self::SAMESITE_LAX, self::SAMESITE_STRICT, null), true)) {
             throw new \InvalidArgumentException('The "sameSite" parameter value is not valid.');
         }

diff --git a/Tests/CookieTest.php b/Tests/CookieTest.php
@@ -180,4 +180,10 @@ public function testRawCookie()
         $this->assertTrue($cookie->isRaw());
         $this->assertEquals('foo=b+a+r; path=/', (string) $cookie);
     }
+
+    public function testSameSiteAttributeIsCaseInsensitive()
+    {
+        $cookie = new Cookie('foo', 'bar', 0, '/', null, false, true, false, 'Lax');
+        $this->assertEquals('lax', $cookie->getSameSite());
+    }
 }