Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

[BrowserKit] Cookie expiration at current timestamp #38360

Merged
merged 1 commit into from
Oct 1, 2020
Merged

[BrowserKit] Cookie expiration at current timestamp #38360

merged 1 commit into from
Oct 1, 2020

Conversation

iquito
Copy link
Contributor

@iquito iquito commented Sep 30, 2020

Q A
Branch? 3.4
Bug fix? yes
New feature? no
Deprecations? no
License MIT

In Symfony\Component\BrowserKit\Cookie a cookie is expired if the expires timestamp is in the past. I would like to change it to also be expired if the expires timestamp equals the current exact timestamp. This would still be in line with RFC 6265, as it states The Expires attribute indicates the maximum lifetime of the cookie, represented as the date and time at which the cookie expires.

Reason for this change: Cookies usually both have expires and Max-Age set, and Symfony sets Max-Age to zero if a cookie is expired (in Symfony\Component\HttpFoundation\Cookie). When converting cookies between string and object representations, Max-Age is the preferred source of truth for the expiration, but Max-Age set to zero is converted to an expires timestamp at this exact second, currently making the cookie not expired in Symfony\Component\BrowserKit\Cookie, even though it should be.

I noticed this discrepancy in my tests when checking if a cookie no longer existed after deleting it, yet it was still there, because Cookie thought it would only expire after the expires timestamp had passed. I am also thinking of raising an issue for Symfony\Component\HttpFoundation\Cookie, as importing and exporting an expired cookie (via strings) changes the expired value. I thought this change was a simpler one for now, and should have no negative/unexpected impact.

@iquito iquito changed the title Cookie in BrowserKit should be expired at current timestamp Cookie in BrowserKit expiration at current timestamp Sep 30, 2020
@iquito iquito changed the title Cookie in BrowserKit expiration at current timestamp [BrowserKit] Cookie expiration at current timestamp Sep 30, 2020
@fabpot fabpot changed the base branch from master to 3.4 October 1, 2020 09:22
@fabpot fabpot changed the base branch from 3.4 to master October 1, 2020 09:22
@fabpot
Copy link
Member

fabpot commented Oct 1, 2020

Can you rebase on 3.4?

@iquito iquito changed the base branch from master to 3.4 October 1, 2020 09:41
@iquito iquito changed the base branch from 3.4 to master October 1, 2020 09:41
@iquito
Adjust expired range check
9d187c0 
Include current second when deciding if cooke has expired.
@iquito iquito changed the base branch from master to 3.4 October 1, 2020 10:14
@iquito
Copy link
Contributor Author

iquito commented Oct 1, 2020

Did the rebase on 3.4

@fabpot
Copy link
Member

fabpot commented Oct 1, 2020

Thank you @iquito.

@fabpot fabpot merged commit 1b68947 into symfony:3.4 Oct 1, 2020
@iquito iquito deleted the patch-1 branch October 1, 2020 11:35
This was referenced Oct 4, 2020
Merged
Merged
@okazy okazy mentioned this pull request Oct 9, 2020
Merged
11 tasks
@fabpot fabpot mentioned this pull request Oct 28, 2020
Merged
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

@fabpot fabpot fabpot approved these changes

@dunglas dunglas Awaiting requested review from dunglas

@lyrixx lyrixx Awaiting requested review from lyrixx

@sroze sroze Awaiting requested review from sroze

@xabbuh xabbuh Awaiting requested review from xabbuh

Assignees
No one assigned
Labels
Bug Status: Needs Review
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.
3 participants
@iquito @fabpot @carsonbot