Merge pull request #570 from sentrychen/cookie-samesite

Author: inhere

src/http-message/src/Cookie.php

@@ -6,6 +6,7 @@
 use Swoft\Stdlib\Helper\ObjectHelper;
 use function bean;
 use function gmdate;
+use function in_array;
 use function urlencode;
 
 /**
@@ -27,8 +28,14 @@ class Cookie
         'secure'   => false,
         'httpOnly' => false,
         'hostOnly' => false,
+        'sameSite' => ''
     ];
 
+    /**
+     * SameSite Values
+     */
+    public const SAME_SITE_VALUES = ['Strict', 'Lax', 'None'];
+
     /**
      * @var string
      */
@@ -69,6 +76,11 @@ class Cookie
      */
     private $httpOnly = false;
 
+    /**
+     * @var string
+     */
+    private $sameSite = '';
+
     /**
      * @param array $config
      *
@@ -98,6 +110,7 @@ public function toArray(): array
             'secure'   => $this->secure,
             'httpOnly' => $this->httpOnly,
             'hostOnly' => $this->hostOnly,
+            'sameSite' => $this->sameSite,
         ];
     }
 
@@ -124,14 +137,14 @@ public function toString(): string
             $result .= '; expires=' . gmdate('D, d-M-Y H:i:s e', $timestamp);
         }
 
+        if ($this->sameSite) {
+            $result .= '; SameSite=' . $this->sameSite;
+        }
+
         if ($this->secure) {
             $result .= '; secure';
         }
 
-        // if ($hostOnly) {
-        //     $result .= '; HostOnly';
-        // }
-
         if ($this->httpOnly) {
             $result .= '; HttpOnly';
         }
@@ -307,4 +320,28 @@ public function setHttpOnly(bool $httpOnly): Cookie
         $this->httpOnly = $httpOnly;
         return $this;
     }
+
+    /**
+     * @return string
+     */
+    public function getSameSite(): string
+    {
+        return $this->sameSite;
+    }
+
+    /**
+     * @param string $sameSite
+     *
+     * @return Cookie
+     */
+    public function setSameSite(string $sameSite): Cookie
+    {
+        if (in_array($sameSite, static::SAME_SITE_VALUES, true)) {
+            $this->sameSite = $sameSite;
+        } else {
+            $this->sameSite = '';
+        }
+
+        return $this;
+    }
 }