‪TYPO3CMS  ‪main
CookieScopeTrait.php
Go to the documentation of this file.
1 <?php
2 
3 declare(strict_types=1);
4 
5 /*
6  * This file is part of the TYPO3 CMS project.
7  *
8  * It is free software; you can redistribute it and/or modify it under
9  * the terms of the GNU General Public License, either version 2
10  * of the License, or any later version.
11  *
12  * For the full copyright and license information, please read the
13  * LICENSE.txt file that was distributed with this source code.
14  *
15  * The TYPO3 project - inspiring people to share!
16  */
17 
18 namespace ‪TYPO3\CMS\Core\Http;
19 
20 trait ‪CookieScopeTrait
21 {
27  private function ‪getCookieScope(‪NormalizedParams $normalizedParams): ‪CookieScope
28  {
29  $cookieDomain = ‪$GLOBALS['TYPO3_CONF_VARS']['SYS']['cookieDomain'] ?? '';
30  // If a specific cookie domain is defined for a given application type, use that domain
31  if (!empty(‪$GLOBALS['TYPO3_CONF_VARS'][$this->loginType]['cookieDomain'])) {
32  $cookieDomain = ‪$GLOBALS['TYPO3_CONF_VARS'][$this->loginType]['cookieDomain'];
33  }
34  if (!$cookieDomain) {
35  return new ‪CookieScope(
36  domain: $normalizedParams->‪getRequestHostOnly(),
37  hostOnly: true,
38  // If no cookie domain is set, use the base path
39  path: $normalizedParams->‪getSitePath(),
40  );
41  }
42  if ($cookieDomain[0] === '/') {
43  $match = [];
44  $matchCount = @preg_match($cookieDomain, $normalizedParams->‪getRequestHostOnly(), $match);
45  if ($matchCount === false) {
46  $this->logger->critical(
47  'The regular expression for the cookie domain ({domain}) contains errors. The session is not shared across sub-domains.',
48  ['domain' => $cookieDomain]
49  );
50  }
51  if ($matchCount === false || $matchCount === 0) {
52  return new ‪CookieScope(
53  domain: $normalizedParams->‪getRequestHostOnly(),
54  hostOnly: true,
55  // If no cookie domain could be matched, use the base path
56  path: $normalizedParams->‪getSitePath(),
57  );
58  }
59  $cookieDomain = $match[0];
60  }
61 
62  return new ‪CookieScope(
63  // Normalize cookie domain by removing leading and trailing dots,
64  // see https://www.rfc-editor.org/rfc/rfc6265#section-4.1.2.3
65  // > Note that a leading %x2E ("."), if present, is ignored even though that character is not permitted,
66  // > but a trailing %x2E ("."), if present, will cause the user agent to ignore the attribute.
67  domain: trim($cookieDomain, '.'),
68  hostOnly: false,
69  path: '/',
70  );
71  }
72 }
‪TYPO3\CMS\Core\Http\NormalizedParams\getSitePath
‪string getSitePath()
Definition: NormalizedParams.php:452
‪TYPO3\CMS\Core\Http\NormalizedParams\getRequestHostOnly
‪string getRequestHostOnly()
Definition: NormalizedParams.php:356
‪$GLOBALS
‪$GLOBALS['TYPO3_CONF_VARS']['EXTCONF']['adminpanel']['modules']
Definition: ext_localconf.php:25
‪TYPO3\CMS\Core\Http\NormalizedParams
Definition: NormalizedParams.php:38
‪TYPO3\CMS\Core\Http
Definition: AbstractApplication.php:18