diff --git a/system/HTTP/Response.php b/system/HTTP/Response.php index 40911e38096d..2c1e25ea8fb5 100644 --- a/system/HTTP/Response.php +++ b/system/HTTP/Response.php @@ -640,7 +640,7 @@ public function send() { $this->CSP->finalize($this); }else{ - + $this->body = str_replace(['{csp-style-nonce}','{csp-script-nonce}'], '', $this->body); } @@ -911,6 +911,35 @@ public function getCookie(string $name, string $prefix = '') } } + /** + * Sets a cookie to be deleted when the response is sent. + * + * @param $name + * @param string $domain + * @param string $path + * @param string $prefix + */ + public function deleteCookie($name, string $domain = '', string $path = '/', string $prefix = '') + { + if ($prefix === '' && $this->cookiePrefix !== '') + { + $prefix = $this->cookiePrefix; + } + + $name = $prefix.$name; + + foreach ($this->cookies as &$cookie) + { + if ($cookie['name'] == $name) + { + $cookie['value'] = ''; + $cookie['expires'] = ''; + } + } + + return $this; + } + /** * Actually sets the cookies. */ diff --git a/system/Helpers/cookie_helper.php b/system/Helpers/cookie_helper.php index 616ab9a60dbe..730339712349 100755 --- a/system/Helpers/cookie_helper.php +++ b/system/Helpers/cookie_helper.php @@ -126,7 +126,7 @@ function get_cookie($index, bool $xssClean = false) */ function delete_cookie($name, string $domain = '', string $path = '/', string $prefix = '') { - set_cookie($name, '', '', $domain, $path, $prefix); + \Config\Services::response()->deleteCookie($name, $domain, $path, $prefix); } } diff --git a/tests/_support/HTTP/MockResponse.php b/tests/_support/HTTP/MockResponse.php index 01e7b3e4d948..8b2331c006c2 100755 --- a/tests/_support/HTTP/MockResponse.php +++ b/tests/_support/HTTP/MockResponse.php @@ -7,80 +7,11 @@ */ class MockResponse extends Response { - public function setCookie( - $name, - $value = '', - $expire = '', - $domain = '', - $path = '/', - $prefix = '', - $secure = false, - $httponly = false - ) - { - if (is_array($name)) - { - foreach - ( - [ - 'value', - 'expire', - 'domain', - 'path', - 'prefix', - 'secure', - 'httponly', - 'name' - ] as $item - ) - { - if (isset($name[$item])) - { - $$item = $name[$item]; - } - } - } - - - $_COOKIE[$prefix . $name] = $value; - - /* - @todo: Find a way to use setcookie() - without it throwing header issues. - setcookie - ( - $prefix.$name, - $value, - $expire, - $path, - $domain, - $secure, - $httponly - ); - */ - } - - //-------------------------------------------------------------------- - - public function hasCookie(string $name, $value = null, string $prefix = ''): bool - { - return array_key_exists($name, $_COOKIE); - } - - //-------------------------------------------------------------------- - - public function deleteCookie - ( - $name, - string $domain = '', - string $path = '/', - string $prefix = '' - ) - { - $COOKIE[$name] = null; - unset($COOKIE[$name]); - - //set_cookie($name, '', '', $domain, $path, $prefix); - } + /** + * If true, will not write output. Useful during testing. + * + * @var bool + */ + protected $pretend = true; } diff --git a/tests/system/Helpers/CookieHelperTest.php b/tests/system/Helpers/CookieHelperTest.php index b8d75ad578e0..605685f62322 100755 --- a/tests/system/Helpers/CookieHelperTest.php +++ b/tests/system/Helpers/CookieHelperTest.php @@ -53,7 +53,7 @@ public function testSetCookieByArrayParameters() 'expire' => $this->expire ]; set_cookie($cookieAttr); - + $this->assertTrue($this->response->hasCookie($this->name, $this->value)); delete_cookie($this->name); @@ -84,12 +84,15 @@ public function testSetCookieSecured() public function testDeleteCookie() { - set_cookie($this->name, $this->value, $this->expire); - //$this->response->setCookie($this->name, $this->value, $this->expire); + $this->response->setCookie($this->name, $this->value, $this->expire); delete_cookie($this->name); - $this->assertEmpty($this->response->getCookie($this->name)); + $cookie = $this->response->getCookie($this->name); + + // The cookie is set to be cleared when the request is sent.... + $this->assertEquals('', $cookie['value']); + $this->assertEquals('', $cookie['expires']); } //--------------------------------------------------------------------