Fix Pepperminty Wiki login cookie

sbrl / Pepperminty-Wiki

A wiki in a box

https://peppermint.mooncarrot.space/

Mozilla Public License 2.0

178 stars 20 forks source link

Fix Pepperminty Wiki login cookie #200

Closed sbrl closed 3 years ago

sbrl commented 3 years ago

Pepperminty Wiki uses a cookie to record when a user is logged in. This is normal, but apparently the behaviour of cookies is changing soon. See this error message from Firefox 79.0b9:

Cookie “PHPSESSID” will be soon rejected because it has the “sameSite” attribute set to “none” or an invalid value, without the “secure” attribute. To learn more about the “sameSite“ attribute, read https://developer.mozilla.org/docs/Web/HTTP/Headers/Set-Cookie/SameSite

sbrl commented 3 years ago

Uh-oh - it looks like only PHP 7.3+ supports setting the SameSite cookie flag with setcookie(). We've implemented a warning message via error_log() for users of PHP 7.2 and below.

Anyway, this issue is now fixed and will be released in v0.22.