feature #38369 [HttpFoundation] Expired cookies string representation consistency & tests (iquito)

fabpot · fabpot · commit dfcde5b4094e · 2020-10-04T10:45:41.000+02:00
This PR was squashed before being merged into the 5.2-dev branch. Discussion ---------- [HttpFoundation] Expired cookies string representation consistency & tests | Q | A | ------------- | --- | Branch? | master | Bug fix? | no | New feature? | yes | Deprecations? | no | License | MIT These changes add consistent behavior when converting expired cookies back and forth from string representation into `Symfony\Component\HttpFoundation\Cookie` instances in `Cookie::fromString`: - When `Max-Age` is zero and `expires` is in the past, the `expires` date is kept as is (previous behavior: `expires` is overwritten with current timestamp because it is reset to current timestamp + `Max-Age`) - When `Max-Age` is zero and `expires` is in the future, expires is reset to current timestamp, as `Max-Age` is the preferred "source of truth" (same as previous behavior) - Add tests for how the Cookie class handles `Max-Age` in a cookie string and how `expires` and `Max-Age` interact - Extract helper function `expiresTimestamp` so converting to a unix timestamp can be reused in `Cookie::fromString` This is more a new feature than a bug fix in my mind, therefore I would include it in 5.1+. Commits ------- 4f5d5ec [HttpFoundation] Expired cookies string representation consistency & tests
diff --git a/src/Symfony/Component/HttpFoundation/Cookie.php b/src/Symfony/Component/HttpFoundation/Cookie.php
@@ -62,8 +62,9 @@ public static function fromString(string $cookie, bool $decode = false)
         $value = isset($part[1]) ? ($decode ? urldecode($part[1]) : $part[1]) : null;
 
         $data = HeaderUtils::combine($parts) + $data;
+        $data['expires'] = self::expiresTimestamp($data['expires']);
 
-        if (isset($data['max-age'])) {
+        if (isset($data['max-age']) && ($data['max-age'] > 0 || $data['expires'] > time())) {
             $data['expires'] = time() + (int) $data['max-age'];
         }
 
@@ -102,7 +103,7 @@ public function __construct(string $name, string $value = null, $expire = 0, ?st
         $this->name = $name;
         $this->value = $value;
         $this->domain = $domain;
-        $this->expire = $this->withExpires($expire)->expire;
+        $this->expire = self::expiresTimestamp($expire);
         $this->path = empty($path) ? '/' : $path;
         $this->secure = $secure;
         $this->httpOnly = $httpOnly;
@@ -144,6 +145,21 @@ public function withDomain(?string $domain): self
      * @return static
      */
     public function withExpires($expire = 0): self
+    {
+        $cookie = clone $this;
+        $cookie->expire = self::expiresTimestamp($expire);
+
+        return $cookie;
+    }
+
+    /**
+     * Converts expires formats to a unix timestamp.
+     *
+     * @param int|string|\DateTimeInterface $expire
+     *
+     * @return int
+     */
+    private static function expiresTimestamp($expire = 0)
     {
         // convert expiration time to a Unix timestamp
         if ($expire instanceof \DateTimeInterface) {
@@ -156,10 +172,7 @@ public function withExpires($expire = 0): self
             }
         }
 
-        $cookie = clone $this;
-        $cookie->expire = 0 < $expire ? (int) $expire : 0;
-
-        return $cookie;
+        return 0 < $expire ? (int) $expire : 0;
     }
 
     /**
diff --git a/src/Symfony/Component/HttpFoundation/Tests/CookieTest.php b/src/Symfony/Component/HttpFoundation/Tests/CookieTest.php
@@ -363,4 +363,33 @@ public function testSetSecureDefault()
 
         $this->assertFalse($cookie->isSecure());
     }
+
+    public function testMaxAge()
+    {
+        $futureDateOneHour = gmdate('D, d-M-Y H:i:s T', time() + 3600);
+
+        $cookie = Cookie::fromString('foo=bar; Max-Age=3600; path=/');
+        $this->assertEquals('foo=bar; expires='.$futureDateOneHour.'; Max-Age=3600; path=/', $cookie->__toString());
+
+        $cookie = Cookie::fromString('foo=bar; expires='.$futureDateOneHour.'; Max-Age=3600; path=/');
+        $this->assertEquals('foo=bar; expires='.$futureDateOneHour.'; Max-Age=3600; path=/', $cookie->__toString());
+
+        $futureDateHalfHour = gmdate('D, d-M-Y H:i:s T', time() + 1800);
+
+        // Max-Age value takes precedence before expires
+        $cookie = Cookie::fromString('foo=bar; expires='.$futureDateHalfHour.'; Max-Age=3600; path=/');
+        $this->assertEquals('foo=bar; expires='.$futureDateOneHour.'; Max-Age=3600; path=/', $cookie->__toString());
+    }
+
+    public function testExpiredWithMaxAge()
+    {
+        $cookie = Cookie::fromString('foo=bar; expires=Fri, 20-May-2011 15:25:52 GMT; Max-Age=0; path=/');
+        $this->assertEquals('foo=bar; expires=Fri, 20-May-2011 15:25:52 GMT; Max-Age=0; path=/', $cookie->__toString());
+
+        $futureDate = gmdate('D, d-M-Y H:i:s T', time() + 864000);
+
+        $cookie = Cookie::fromString('foo=bar; expires='.$futureDate.'; Max-Age=0; path=/');
+        $this->assertEquals(time(), $cookie->getExpiresTime());
+        $this->assertEquals('foo=bar; expires='.gmdate('D, d-M-Y H:i:s T', $cookie->getExpiresTime()).'; Max-Age=0; path=/', $cookie->__toString());
+    }
 }
