Issue #2868384 by RoSk0, poker10, tuutti, rgeerolf, sokru, jofitz, pooja... (a9d695f7) · Commits · project / drupal

core/assets/scaffold/files/default.services.yml

+5 −0

Original line number	Diff line number	Diff line
		@@ -64,6 +64,11 @@ parameters:
		# \Drupal\Core\Session\SessionConfiguration::__construct()
		# @default 6
		sid_bits_per_character: 6
		# By default, Drupal generates a session cookie name based on the full
		# domain name. Set the name_suffix to a short random string to ensure this
		# session cookie name is unique on different installations on the same
		# domain and path (for example, when migrating from Drupal 7).
		name_suffix: ''
		twig.config:
		# Twig debugging:
		#

+1 −0

+9 −4

Original line number	Diff line number	Diff line
		@@ -25,9 +25,14 @@ class SessionConfiguration implements SessionConfigurationInterface {
		* @see https://www.php.net/manual/session.security.ini.php
		*/
		public function __construct($options = []) {
		// Provide sensible defaults for sid_length and sid_bits_per_character.
		// See core/assets/scaffold/files/default.services.yml for more information.
		$this->options = $options + ['sid_length' => 48, 'sid_bits_per_character' => 6];
		// Provide sensible defaults for sid_length, sid_bits_per_character and
		// name_suffix.
		// @see core/assets/scaffold/files/default.services.yml
		$this->options = $options + [
		'sid_length' => 48,
		'sid_bits_per_character' => 6,
		'name_suffix' => '',
		];
		}

		/**
		@@ -96,7 +101,7 @@ protected function getUnprefixedName(Request $request) {
		else {
		// Otherwise use $base_url as session name, without the protocol
		// to use the same session identifiers across HTTP and HTTPS.
		$session_name = $request->getHost() . $request->getBasePath();
		$session_name = $request->getHost() . $request->getBasePath() . $this->options['name_suffix'];
		// Replace "core" out of session_name so core scripts redirect properly,
		// specifically install.php.
		$session_name = preg_replace('#/core$#', '', $session_name);

+7 −5

Original line number	Diff line number	Diff line
		@@ -266,11 +266,12 @@ public static function providerTestEnforcedSessionName() {
		*
		* @dataProvider providerTestConstructorDefaultSettings
		*/
		public function testConstructorDefaultSettings(array $options, int $expected_sid_length, int $expected_sid_bits_per_character) {
		public function testConstructorDefaultSettings(array $options, int $expected_sid_length, int $expected_sid_bits_per_character, string $expected_name_suffix) {
		$config = $this->createSessionConfiguration($options);
		$options = $config->getOptions(Request::createFromGlobals());
		$this->assertSame($expected_sid_length, $options['sid_length']);
		$this->assertSame($expected_sid_bits_per_character, $options['sid_bits_per_character']);
		$this->assertSame($expected_name_suffix, $options['name_suffix']);
		}

		/**
		@@ -281,10 +282,11 @@ public function testConstructorDefaultSettings(array $options, int $expected_sid
		*/
		public static function providerTestConstructorDefaultSettings() {
		return [
		[[], 48, 6],
		[['sid_length' => 100], 100, 6],
		[['sid_bits_per_character' => 5], 48, 5],
		[['sid_length' => 100, 'sid_bits_per_character' => 5], 100, 5],
		[[], 48, 6, ''],
		[['sid_length' => 100], 100, 6, ''],
		[['sid_bits_per_character' => 5], 48, 5, ''],
		[['name_suffix' => 'some-suffix'], 48, 6, 'some-suffix'],
		[['sid_length' => 100, 'sid_bits_per_character' => 5, 'name_suffix' => 'some-suffix'], 100, 5, 'some-suffix'],
		];
		}

+5 −0

Original line number	Diff line number	Diff line
		@@ -64,6 +64,11 @@ parameters:
		# \Drupal\Core\Session\SessionConfiguration::__construct()
		# @default 6
		sid_bits_per_character: 6
		# By default, Drupal generates a session cookie name based on the full
		# domain name. Set the name_suffix to a short random string to ensure this
		# session cookie name is unique on different installations on the same
		# domain and path (for example, when migrating from Drupal 7).
		name_suffix: ''
		twig.config:
		# Twig debugging:
		#