WAFastCGIAdaptor doesn’t write cookie attributes ‘Max-Age’ and ‘SameSite’ - Githubissues

SeasideSt / Seaside

The framework for developing sophisticated web applications in Smalltalk.

MIT License

508 stars 71 forks source link

WAFastCGIAdaptor doesn’t write cookie attributes ‘Max-Age’ and ‘SameSite’ #1375

Closed Rinzwind closed 10 months ago

Rinzwind commented 10 months ago

On WACookie, #writeOn:, through #rfc6265String, writes out ‘Max-Age’ and ‘SameSite’ attributes:

https://github.com/SeasideSt/Seaside/blob/c152487567252d3343ee59deef0a32429f8367bd/repository/Seaside-Core.package/WACookie.class/instance/rfc6265String.st#L2-L16

But on WAFastCGIAdaptor, #addCookie:toStream: does not write out those attributes:

https://github.com/SeasideSt/Seaside/blob/c152487567252d3343ee59deef0a32429f8367bd/repository/Seaside-Adaptors-FastCGI.package/WAFastCGIAdaptor.class/instance/addCookie.toStream..st#L12-L17

I’m not sure why it doesn’t just use the WACookie’s #writeOn:.

jbrichau commented 10 months ago

The change to rfc6265 was never properly implemented in the FastCGI adapter. The current code is there because of https://github.com/SeasideSt/Seaside/issues/1115

It seems we should indeed simply call writeOn: and remove the old code.

jbrichau commented 10 months ago

In #1378, I call the rfc6265String because this is also the method being used in the Zinc Adapter.