function _drupal_samesite_cookie

Determine the value for the samesite cookie attribute, in the following order of precedence:

1) A value explicitly passed to drupal_setcookie() 2) A value set in $conf['samesite_cookie_value'] 3) The setting from php ini 4) The default of None, or FALSE (no attribute) if the cookie is not Secure

Parameters

$options: An associative array as passed to drupal_setcookie().

Return value

The value for the samesite cookie attribute.

1 call to _drupal_samesite_cookie()
_drupal_cookie_params in includes/bootstrap.inc
Process the params for cookies. This emulates support for the SameSite attribute in earlier versions of PHP, and allows the value of that attribute to be overridden.

File

includes/bootstrap.inc, line 4023

Code

function _drupal_samesite_cookie($options) {
    if (isset($options['samesite'])) {
        return $options['samesite'];
    }
    $override = variable_get('samesite_cookie_value', NULL);
    if ($override !== NULL) {
        return $override;
    }
    $ini_options = session_get_cookie_params();
    if (isset($ini_options['samesite'])) {
        return $ini_options['samesite'];
    }
    return empty($options['secure']) ? FALSE : 'None';
}

Buggy or inaccurate documentation? Please file an issue. Need support? Need help programming? Connect with the Drupal community.