firstgarden/firstgarden-web-gnu
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Activity

크롬 80버전 대응 코드 추가

Browse Source
This commit is contained in:
thisgun
2020-02-14 11:44:04 +09:00
parent ebac40312f
commit 6ccb8905a0
2 changed files with 10 additions and 5 deletions
Download Patch File Download Diff File Expand all files Collapse all files

11
common.php
View File

@ -230,12 +230,14 @@ if( $config['cf_cert_use'] || (defined('G5_YOUNGCART_VER') && G5_YOUNGCART_VER)
if(!function_exists('session_start_samesite')) {
function session_start_samesite($options = array())
{
global $g5;
$res = @session_start($options);
// IE 브라우저 또는 엣지브라우저 일때는 secure; SameSite=None 설정하지 않습니다.
if( preg_match('/Edge/i', $_SERVER['HTTP_USER_AGENT']) || preg_match('~MSIE|Internet Explorer~i', $_SERVER['HTTP_USER_AGENT']) || preg_match('~Trident/7.0(; Touch)?; rv:11.0~',$_SERVER['HTTP_USER_AGENT']) ){
return $res;
}
// IE 브라우저 또는 엣지브라우저 일때는 secure; SameSite=None, http 환경에서는 설정하지 않습니다.
if( preg_match('/Edge/i', $_SERVER['HTTP_USER_AGENT']) || preg_match('~MSIE|Internet Explorer~i', $_SERVER['HTTP_USER_AGENT']) || preg_match('~Trident/7.0(; Touch)?; rv:11.0~',$_SERVER['HTTP_USER_AGENT']) || ! (isset($_SERVER['HTTPS']) && $_SERVER['HTTPS']=='on') ){
return $res;
}
$headers = headers_list();
krsort($headers);
@ -243,6 +245,7 @@ if( $config['cf_cert_use'] || (defined('G5_YOUNGCART_VER') && G5_YOUNGCART_VER)
if (!preg_match('~^Set-Cookie: PHPSESSID=~', $header)) continue;
$header = preg_replace('~; secure(; HttpOnly)?$~', '', $header) . '; secure; SameSite=None';
header($header, false);
$g5['session_cookie_samesite'] = 'none';
break;
}
return $res;

4
lib/common.lib.php
View File

@ -116,11 +116,13 @@ function goto_url($url)
// 세션변수 생성
function set_session($session_name, $value)
{
global $g5;
static $check_cookie = null;
if( $check_cookie === null ){
$cookie_session_name = session_name();
if( ! ($cookie_session_name && isset($_COOKIE[$cookie_session_name]) && $_COOKIE[$cookie_session_name]) && ! headers_sent() ){
if( ! isset($g5['session_cookie_samesite']) && ! ($cookie_session_name && isset($_COOKIE[$cookie_session_name]) && $_COOKIE[$cookie_session_name]) && ! headers_sent() ){
@session_regenerate_id(false);
}