Implement proof-of-concept partitioned option for setcookie

Author: ndossche

ext/standard/head.c

@@ -79,7 +79,7 @@ PHPAPI int php_header(void)
 #define ILLEGAL_COOKIE_CHARACTER "\",\", \";\", \" \", \"\\t\", \"\\r\", \"\\n\", \"\\013\", or \"\\014\""
 PHPAPI zend_result php_setcookie(zend_string *name, zend_string *value, time_t expires,
 	zend_string *path, zend_string *domain, bool secure, bool httponly,
-	zend_string *samesite, bool url_encode)
+	zend_string *samesite, bool partitioned, bool url_encode)
 {
 	zend_string *dt;
 	sapi_header_line ctr = {0};
@@ -117,6 +117,11 @@ PHPAPI zend_result php_setcookie(zend_string *name, zend_string *value, time_t e
 		return FAILURE;
 	}
 #endif
+	if (partitioned && !secure) {
+		zend_value_error("%s(): \"partitioned\" option cannot be used without \"secure\" option",
+			get_active_function_name());
+		return FAILURE;
+	}
 
 	/* Should check value of SameSite? */
 
@@ -182,6 +187,9 @@ PHPAPI zend_result php_setcookie(zend_string *name, zend_string *value, time_t e
 		smart_str_appends(&buf, COOKIE_SAMESITE);
 		smart_str_append(&buf, samesite);
 	}
+	if (partitioned) {
+		smart_str_appends(&buf, COOKIE_PARTITIONED);
+	}
 
 	ctr.line = ZSTR_VAL(buf.s);
 	ctr.line_len = (uint32_t) ZSTR_LEN(buf.s);
@@ -192,7 +200,7 @@ PHPAPI zend_result php_setcookie(zend_string *name, zend_string *value, time_t e
 }
 
 static zend_result php_head_parse_cookie_options_array(HashTable *options, zend_long *expires, zend_string **path,
-		zend_string **domain, bool *secure, bool *httponly, zend_string **samesite)
+		zend_string **domain, bool *secure, bool *httponly, zend_string **samesite, bool *partitioned)
 {
 	zend_string *key;
 	zval *value;
@@ -214,6 +222,8 @@ static zend_result php_head_parse_cookie_options_array(HashTable *options, zend_
 			*httponly = zval_is_true(value);
 		} else if (zend_string_equals_literal_ci(key, "samesite")) {
 			*samesite = zval_get_string(value);
+		} else if (zend_string_equals_literal_ci(key, "partitioned")) {
+			*partitioned = zval_is_true(value);
 		} else {
 			zend_value_error("%s(): option \"%s\" is invalid", get_active_function_name(), ZSTR_VAL(key));
 			return FAILURE;
@@ -227,7 +237,7 @@ static void php_setcookie_common(INTERNAL_FUNCTION_PARAMETERS, bool is_raw)
 	HashTable *options = NULL;
 	zend_long expires = 0;
 	zend_string *name, *value = NULL, *path = NULL, *domain = NULL, *samesite = NULL;
-	bool secure = 0, httponly = 0;
+	bool secure = 0, httponly = 0, partitioned = false;
 
 	ZEND_PARSE_PARAMETERS_START(1, 7)
 		Z_PARAM_STR(name)
@@ -248,13 +258,13 @@ static void php_setcookie_common(INTERNAL_FUNCTION_PARAMETERS, bool is_raw)
 		}
 
 		if (FAILURE == php_head_parse_cookie_options_array(options, &expires, &path,
-			&domain, &secure, &httponly, &samesite)
+			&domain, &secure, &httponly, &samesite, &partitioned)
 		) {
 			goto cleanup;
 		}
 	}
 
-	if (php_setcookie(name, value, expires, path, domain, secure, httponly, samesite, !is_raw) == SUCCESS) {
+	if (php_setcookie(name, value, expires, path, domain, secure, httponly, samesite, partitioned, !is_raw) == SUCCESS) {
 		RETVAL_TRUE;
 	} else {
 		RETVAL_FALSE;

ext/standard/head.h

@@ -17,19 +17,20 @@
 #ifndef HEAD_H
 #define HEAD_H
 
-#define COOKIE_EXPIRES    "; expires="
-#define COOKIE_MAX_AGE    "; Max-Age="
-#define COOKIE_DOMAIN     "; domain="
-#define COOKIE_PATH       "; path="
-#define COOKIE_SECURE     "; secure"
-#define COOKIE_HTTPONLY   "; HttpOnly"
-#define COOKIE_SAMESITE   "; SameSite="
+#define COOKIE_EXPIRES     "; expires="
+#define COOKIE_MAX_AGE     "; Max-Age="
+#define COOKIE_DOMAIN      "; domain="
+#define COOKIE_PATH        "; path="
+#define COOKIE_SECURE      "; secure"
+#define COOKIE_HTTPONLY    "; HttpOnly"
+#define COOKIE_SAMESITE    "; SameSite="
+#define COOKIE_PARTITIONED "; Partitioned"
 
 extern PHP_RINIT_FUNCTION(head);
 
 PHPAPI int php_header(void);
 PHPAPI zend_result php_setcookie(zend_string *name, zend_string *value, time_t expires,
 	zend_string *path, zend_string *domain, bool secure, bool httponly,
-	zend_string *samesite, bool url_encode);
+	zend_string *samesite, bool partitioned, bool url_encode);
 
 #endif

ext/standard/tests/network/setcookie.phpt

@@ -19,6 +19,7 @@ setcookie('name', 'value', 0, '', '', FALSE, TRUE);
 
 setcookie('name', 'value', ['expires' => $tsp]);
 setcookie('name', 'value', ['expires' => $tsn, 'path' => '/path/', 'domain' => 'domain.tld', 'secure' => true, 'httponly' => true, 'samesite' => 'Strict']);
+setcookie('name', 'value', ['secure' => true, 'partitioned' => true]);
 
 $expected = array(
     'Set-Cookie: name=deleted; expires='.date('D, d M Y H:i:s', 1).' GMT; Max-Age=0',
@@ -34,7 +35,8 @@ $expected = array(
     'Set-Cookie: name=value; secure',
     'Set-Cookie: name=value; HttpOnly',
     'Set-Cookie: name=value; expires='.date('D, d M Y H:i:s', $tsp).' GMT; Max-Age=5',
-    'Set-Cookie: name=value; expires='.date('D, d M Y H:i:s', $tsn).' GMT; Max-Age=0; path=/path/; domain=domain.tld; secure; HttpOnly; SameSite=Strict'
+    'Set-Cookie: name=value; expires='.date('D, d M Y H:i:s', $tsn).' GMT; Max-Age=0; path=/path/; domain=domain.tld; secure; HttpOnly; SameSite=Strict',
+    'Set-Cookie: name=value; secure; Partitioned'
 );
 
 $headers = headers_list();

ext/standard/tests/network/setcookie_array_option_error.phpt

@@ -37,6 +37,12 @@ try {
 } catch (\ValueError $e) {
     echo $e->getMessage() . "\n";
 }
+// Partitioned without secure
+try {
+    setcookie('name', 'value', ['partitioned' => true]);
+} catch (\ValueError $e) {
+    echo $e->getMessage() . "\n";
+}
 
 // Arguments after options array (will not be set)
 try {
@@ -66,6 +72,7 @@ setcookie(): option array cannot have numeric keys
 setcookie(): option "foo" is invalid
 setcookie(): "path" option cannot contain ",", ";", " ", "\t", "\r", "\n", "\013", or "\014"
 setcookie(): "domain" option cannot contain ",", ";", " ", "\t", "\r", "\n", "\013", or "\014"
+setcookie(): "partitioned" option cannot be used without "secure" option
 setcookie(): Expects exactly 3 arguments when argument #3 ($expires_or_options) is an array
 bool(true)
 array(1) {