Hi Frederik, On Tue, Jul 18, 2017 at 12:11 AM, Frederik Bosch | Genkgo <f.bo...@genkgo.nl> wrote: > LS, > > Today I finished writing the RFC for implementing same site cookies in PHP, > https://wiki.php.net/rfc/same-site-cookie. I am happy to receive your > remarks on the proposal, and improve when necessary. > > For those (only) interested in code, have a look at PR # 2613: > https://github.com/php/php-src/pull/2613. > > For the record, I am just a messenger in this regard. Someone uploaded a > patch for this feature in bug #72230: https://bugs.php.net/bug.php?id=72230. > I just took the opportunity to create a PR and the corresponding RFC. > Credits for the code go to xistence at 0x90 dot nl. > > Hopefully, the samesite cookie flag will become a feature of the PHP > language through this RFC! >
Unfortunately, all of the cons you've explained in the RFC are very valid concerns. I'd rather first see what happens with http_cookie_set() that's being talked about in another thread currently (I suspect inspired by this). Cheers, Andrey. -- PHP Internals - PHP Runtime Development Mailing List To unsubscribe, visit: http://www.php.net/unsub.php
