SessionExtension: option session.cookieSecure is deprecated, http.cookieSecure is used (BC break)

dg · dg · commit c02cde45aa31 · 2021-01-04T03:04:08.000+01:00
diff --git a/src/Bridges/HttpDI/SessionExtension.php b/src/Bridges/HttpDI/SessionExtension.php
@@ -64,8 +64,9 @@ public function loadConfiguration()
 		if (($config->cookieDomain ?? null) === 'domain') {
 			$config->cookieDomain = $builder::literal('$this->getByType(Nette\Http\IRequest::class)->getUrl()->getDomain(2)');
 		}
-		if (($config->cookieSecure ?? null) === 'auto') {
-			$config->cookieSecure = $builder::literal('$this->getByType(Nette\Http\IRequest::class)->isSecured()');
+		if (isset($config->cookieSecure)) {
+			trigger_error("The item 'session › cookieSecure' is deprecated, use 'http › cookieSecure' (it has default value 'auto').", E_USER_DEPRECATED);
+			unset($config->cookieSecure);
 		}
 		if ($config->cookieSamesite === true) {
 			trigger_error("In 'session › cookieSamesite' replace true with 'Lax'.", E_USER_DEPRECATED);
diff --git a/tests/Http.DI/SessionExtension.config.phpt b/tests/Http.DI/SessionExtension.config.phpt
@@ -21,10 +21,12 @@ $compiler->addExtension('session', new SessionExtension(false, PHP_SAPI === 'cli
 
 $loader = new DI\Config\Loader;
 $config = $loader->load(Tester\FileMock::create('
+foo:
+	cookieSecure: yes
+
 session:
 	cookiePath: /x
 	cookieDomain: domain
-	cookieSecure: yes
 	cookieSamesite: Lax
 
 services:
diff --git a/tests/Http.DI/SessionExtension.cookieSecure.auto.phpt b/tests/Http.DI/SessionExtension.cookieSecure.auto.phpt

Original file line number	Diff line number	Diff line change
`@@ -64,8 +64,9 @@ public function loadConfiguration()`
`64`	`64`	`if (($config->cookieDomain ?? null) === 'domain') {`
`65`	`65`	`$config->cookieDomain = $builder::literal('$this->getByType(Nette\Http\IRequest::class)->getUrl()->getDomain(2)');`
`66`	`66`	`}`
`67`		`- if (($config->cookieSecure ?? null) === 'auto') {`
`68`		`- $config->cookieSecure = $builder::literal('$this->getByType(Nette\Http\IRequest::class)->isSecured()');`
	`67`	`+ if (isset($config->cookieSecure)) {`
	`68`	`+ trigger_error("The item 'session › cookieSecure' is deprecated, use 'http › cookieSecure' (it has default value 'auto').", E_USER_DEPRECATED);`
	`69`	`+ unset($config->cookieSecure);`
`69`	`70`	`}`
`70`	`71`	`if ($config->cookieSamesite === true) {`
`71`	`72`	`trigger_error("In 'session › cookieSamesite' replace true with 'Lax'.", E_USER_DEPRECATED);`