Fix issue slimphp#568: Parse string 'expires' before encoding secure …

…cookie. The `\Slim\Http\Util::encodeSecureCookie` function requires the expires parameter to be a int. A string typed 'expires' or 'cookie.lifetime' would pass a string in this case, which causes the response cookie to be broken when parsed by `decodeSecureCookie`.
alpex29 · Jul 18, 2013 · dd6aa9a · dd6aa9a
1 parent d98dca9
commit dd6aa9a
Showing 1 changed file with 7 additions and 1 deletion.
diff --git a/Slim/Http/Util.php b/Slim/Http/Util.php
@@ -186,9 +186,15 @@ public static function serializeCookies(\Slim\Http\Headers &$headers, \Slim\Http
     {
         if ($config['cookies.encrypt']) {
             foreach ($cookies as $name => $settings) {
+                if (is_string($settings['expires'])) {
+                    $expires = strtotime($settings['expires']);
+                } else {
+                    $expires = (int) $settings['expires'];
+                }
+
                 $settings['value'] = static::encodeSecureCookie(
                     $settings['value'],
-                    $settings['expires'],
+                    $expires,
                     $config['cookies.secret_key'],
                     $config['cookies.cipher'],
                     $config['cookies.cipher_mode']