What are the Slack Archives?

It’s a history of our time together in the Slack Community! There’s a ton of knowledge in here, so feel free to search through the archives for a possible answer to your question.

Because this space is not active, you won’t be able to create a new post or comment here. If you have a question or want to start a discussion about something, head over to our categories and pick one to post in! You can always refer back to a post from Slack Archives if needed; just copy the link to use it as a reference..

Hello I’m currently checking how to set Samesite cookie parameter to Spryker cookies. I found that S

U011K6DASBW
U011K6DASBW Posts: 37 🧑🏻‍🚀 - Cadet

Hello
I’m currently checking how to set Samesite cookie parameter to Spryker cookies. I found that Symfony 3.2 supports it using a parameter (cookie_samesite) to Session class.
I have tried to set this using Spryker\Yves\Session\SessionConfig::getSessionStorageOptions() , and it passed the option correctly, but in response Symfony sets two cookies (one with the Samesite, and another one without it, which replaces the first one), so the browser only gets the last one without Samesite option.
After checking the symfony’s NativeSessionStorage class, it seems like php < 7.3 does not support samesite cookies, so it tries to emulate this behavior by manually setting the header, and that’s why I think it sends two cookies instead of one.
It looks like a symfony bug, not sure if upgrading php version to 7.3 would fix it (as then it won’t try to emulate it), but does spryker support php 7.3?
and have you faced this issue in any other spryker project?

Comments