I recently read "RFC 6265" on the attribute "Same Site", I looked at some articles that talked about that in April 2016, "same-site" attribute has been implemented for Chrome 51 & Opera 39 ...

I wonder if current PHP supports creating cookies with this attribute?

Reference:

Bạn đang xem: Samesite cookies

Xem thêm:

Highest score (default) Trending (recent votes count more) Date modified (newest first) Date created (oldest first)

1. For PHP >= v7.3

You can use the $options array to set the samesite value, for example:

setcookie($name, $value, < "expires" => time() + 86400, "path" => "/", "domain" => "domain.example", "secure" => true, "httponly" => true, "samesite" => "None",>);The value of the samesite element should be either None, Lax or Strict.

Read more in the manual page.

2. For PHP Header always edit Set-Cookie (.*) "$1; SameSite=Lax"and this will update all your cookies with SameSite=Lax flag

See more here: https://blog.giantgeek.com/?p=1872

2.2 Setting SameSite cookies using Nginx configuration

location / # your usual config ... # hack, phối all cookies lớn secure, httponly and samesite (strict or lax) proxy_cookie_path / "/; secure; HttpOnly; SameSite=strict";Same here, this also will update all your cookies with SameSite=Lax flag

See more here: https://serverfault.com/questions/849888/add-samesite-to-cookies-using-nginx-as-reverse-proxy

2.3 Setting SameSite cookies using header method

As we know cookies are just a header in HTTP request with the following structure

Set-Cookie: key=value; path=/; domain=example.org; HttpOnly; SameSite=Laxso we can just mix the cookies with header method

header("Set-Cookie: key=value; path=/; domain=example.org; HttpOnly; SameSite=Lax");In fact, Symfony is not waiting for PHP 7.3 and already doing it under the hood, see here