-rw-r--r--TODO89
-rw-r--r--php.ini23
2 files changed, 65 insertions, 47 deletions
diff --git a/TODO b/TODO
index 7fedcf9..512d13f 100644
--- a/TODO
+++ b/TODO
@@ -1,38 +1,51 @@
- php85-php-ast-1.1.2-2.fc41.remi.x86_64.rpm
- php85-php-lz4-0.5.0-1.fc41.remi.x86_64.rpm
- php85-php-pecl-amqp-2.1.2-3.fc41.remi.x86_64.rpm
- php85-php-pecl-apcu-5.1.25-1.fc41.remi.x86_64.rpm
- php85-php-pecl-apfd-1.0.3-4.fc41.remi.x86_64.rpm
- php85-php-pecl-dio-0.3.0-1.fc41.remi.x86_64.rpm
- php85-php-pecl-ds-1.6.0-1.fc41.remi.x86_64.rpm
- php85-php-pecl-eio-3.1.4-1.fc41.remi.x86_64.rpm
- php85-php-pecl-ev-1.2.1-1.fc41.remi.x86_64.rpm
- php85-php-pecl-event-3.1.4-1.fc41.remi.x86_64.rpm
- php85-php-pecl-fann-1.2.0-1.fc41.remi.x86_64.rpm
- php85-php-pecl-http-4.2.6-4.fc41.remi.x86_64.rpm
- php85-php-pecl-igbinary-3.2.16-2.fc41.remi.x86_64.rpm
- php85-php-pecl-imagick-im7-3.8.0-1.fc41.remi.x86_64.rpm
- php85-php-pecl-inotify-3.0.0-4.fc41.remi.x86_64.rpm
- php85-php-pecl-json-post-1.1.0-3.fc41.remi.x86_64.rpm
- php85-php-pecl-krb5-1.2.4-1.fc41.remi.x86_64.rpm
- php85-php-pecl-lzf-1.7.0-3.fc41.remi.x86_64.rpm
- php85-php-pecl-mailparse-3.1.8-1.fc41.remi.x86_64.rpm
- php85-php-pecl-memcache-8.2-3.fc41.remi.x86_64.rpm
- php85-php-pecl-memcached-3.3.0-3.fc41.remi.x86_64.rpm
- php85-php-pecl-mongodb2-2.1.1-1.fc41.remi.x86_64.rpm
- php85-php-pecl-msgpack-3.0.0-1.fc41.remi.x86_64.rpm
- php85-php-pecl-pcov-1.0.12-1.fc41.remi.x86_64.rpm
- php85-php-pecl-raphf-2.0.1-8.fc41.remi.x86_64.rpm
- php85-php-pecl-redis6-6.2.0-2.fc41.remi.x86_64.rpm
- php85-php-pecl-rpminfo-1.2.0-3.fc41.remi.x86_64.rpm
- php85-php-pecl-selinux-0.6.1-1.fc41.remi.x86_64.rpm
- php85-php-pecl-ssh2-1.4.1-1.fc41.remi.x86_64.rpm
- php85-php-pecl-uuid-1.3.0-1.fc41.remi.x86_64.rpm
- php85-php-pecl-vld-0.19.1-1.fc41.remi.x86_64.rpm
- php85-php-pecl-xattr-1.4.0-7.fc41.remi.x86_64.rpm
- php85-php-pecl-xmldiff-1.1.5-2.fc41.remi.x86_64.rpm
- php85-php-pecl-xpass-1.1.0-1.fc41.remi.x86_64.rpm
- php85-php-pecl-yaml-2.2.4-1.fc41.remi.x86_64.rpm
- php85-php-pecl-zip-1.22.6-2.fc41.remi.x86_64.rpm
- php85-php-smbclient-1.1.2-1.fc41.remi.x86_64.rpm
- php85-php-zstd-0.14.0-1.fc41.remi.x86_64.rpm
+=====================================================================
+FAILED TEST SUMMARY
+---------------------------------------------------------------------
+session_start() with partitioned cookies - header test [ext/session/tests/session_start_partitioned_headers.phpt]
+Bug #80774 (session_name() problem with backslash) [ext/session/tests/bug80774.phpt]
+Test session_regenerate_id() function : basic functionality [ext/session/tests/session_regenerate_id_cookie.phpt]
+GH-9200: setcookie has an obsolete expires date format [ext/session/tests/gh9200.phpt]
+=====================================================================
+
+TEST FAILURE: ../ext/session/tests/gh9200.diff --
+001- Success
+001+ Fail
+
+-- ../ext/session/tests/gh9200.diff result ends.
+TEST FAILURE: ../ext/session/tests/session_regenerate_id_cookie.diff --
+--
+ Expires: %s
+ Cache-Control: no-store, no-cache, must-revalidate
+ Pragma: no-cache
+006- Set-Cookie: PHPSESSID=%s; path=/; HttpOnly; SameSite=Lax
+006+ Set-Cookie: PHPSESSID=6fcb4df728ddaf8f543c61addb126137; path=/
+ Content-type: text/html; charset=UTF-8
+
+ bool(true)
+010- Set-Cookie: PHPSESSID=%s; path=/; HttpOnly; SameSite=Lax
+010+ Set-Cookie: PHPSESSID=de3db7c9522b951542e7d4be32adde18; path=/
+ bool(true)
+ bool(true)
+013- Set-Cookie: PHPSESSID=%s; path=/; HttpOnly; SameSite=Lax
+013+ Set-Cookie: PHPSESSID=6fcb4df728ddaf8f543c61addb126137; path=/
+ bool(true)
+ bool(true)
+ string(32) "%s"
+--
+
+-- ../ext/session/tests/session_regenerate_id_cookie.diff result ends.
+TEST FAILURE: ../ext/session/tests/bug80774.diff --
+001- Set-Cookie: foo\bar=12345; path=/; HttpOnly; SameSite=Lax
+001+ Set-Cookie: foo\bar=12345; path=/
+ --HEADERS--
+
+
+-- ../ext/session/tests/bug80774.diff result ends.
+TEST FAILURE: ../ext/session/tests/session_start_partitioned_headers.diff --
+001- Set-Cookie: PHPSESSID=12345; path=/; secure; Partitioned; HttpOnly; SameSite=Lax
+001+ Set-Cookie: PHPSESSID=12345; path=/; secure; Partitioned
+ --HEADERS--
+
+
+-- ../ext/session/tests/session_start_partitioned_headers.diff result ends.
+
diff --git a/php.ini b/php.ini
index 1d8e01a..b4724bb 100644
--- a/php.ini
+++ b/php.ini
@@ -613,6 +613,12 @@ ignore_repeated_source = Off
; Production Value: On
;fatal_error_backtraces = On
+; This directive controls whether PHP will print the actual arguments of a
+; function upon an error. If this is off (or there was an error fetching the
+; arguments), the function providing the error may optionally provide some
+; additional information after the problem function's name.
+;error_include_args = Off
+
;;;;;;;;;;;;;;;;;
; Data Handling ;
;;;;;;;;;;;;;;;;;
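Review bot: The new `error_include_args` comment does not say what printing arguments can expose, and unlike the `fatal_error_backtraces` entry just above it has no Production Value line. Function arguments routinely carry passwords, tokens and personal data, so turning this on would copy them into error output and logs. I would add `; Arguments may contain credentials or personal data; leave this Off in production.` after the description, plus `; Production Value: Off` if that matches the intended recommendation.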
@@ -809,10 +815,10 @@ enable_dl = Off
;fastcgi.impersonate = 1
; Prevent decoding of SCRIPT_FILENAME when using Apache ProxyPass or
-; ProxyPassMatch. This should only be used if script file paths are already
-; stored in an encoded format on the file system.
-; Default is 0.
-;fastcgi.script_path_encoded = 1
+; ProxyPassMatch. This should be used if script file paths are not stored
+; in an encoded format on the file system.
+; Default is 1.
+;fastcgi.script_path_encoded = 0
; Disable logging through FastCGI connection. PHP's default behavior is to enable
; this feature.
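Review bot: The rewritten comment is ambiguous about which value does what. Its first sentence ("Prevent decoding of SCRIPT_FILENAME") describes the setting being on, while "This should be used if script file paths are not stored in an encoded format" and the sample line `;fastcgi.script_path_encoded = 0` describe turning it off. Because the stated default also flips from 0 to 1, this decides which on-disk path a proxied request resolves to, so the wording should be unmistakable. Assuming 1 still means "do not decode", I would write `; Set to 0 to decode SCRIPT_FILENAME when script file paths are stored unencoded on the file system.` and keep `; Default is 1.`. Sites behind ProxyPass or ProxyPassMatch that relied on the old default should re-check their path handling after this change.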
@@ -1265,10 +1271,9 @@ session.save_handler = files
; Strict session mode does not accept an uninitialized session ID, and
; regenerates the session ID if the browser sends an uninitialized session ID.
; Strict mode protects applications from session fixation via a session adoption
-; vulnerability. It is disabled by default for maximum compatibility, but
-; enabling it is encouraged.
+; vulnerability.
; https://wiki.php.net/rfc/strict_sessions
-session.use_strict_mode = 0
+session.use_strict_mode = 1
; Whether to use cookies.
; https://php.net/session.use-cookies
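Review bot: With `session.use_strict_mode = 1` now the shipped value, the comment should say when strict mode does not actually apply. As far as I know, a user-defined save handler only gets this protection if it implements session ID validation (`validateId()` / the `validate_sid` callback). Without it, an uninitialized ID sent by the browser is still accepted. I would add `; Custom save handlers must implement validateId() for strict mode to take effect.` below the "Strict mode protects applications" sentence.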
@@ -1310,13 +1315,13 @@ session.cookie_domain =
; Whether or not to add the httpOnly flag to the cookie, which makes it
; inaccessible to browser scripting languages such as JavaScript.
; https://php.net/session.cookie-httponly
-session.cookie_httponly =
+session.cookie_httponly = 1
; Add SameSite attribute to cookie to help mitigate Cross-Site Request Forgery (CSRF/XSRF)
; Current valid values are "Strict", "Lax" or "None". When using "None",
; make sure to include the quotes, as `none` is interpreted like `false` in ini files.
; https://tools.ietf.org/html/draft-west-first-party-cookies-07
-session.cookie_samesite =
+session.cookie_samesite = "Lax"
; Handler used to serialize data. php is the standard serializer of PHP.
; https://php.net/session.serialize-handler
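Review bot: The SameSite comment says only that the attribute "help[s] mitigate" CSRF, and with `session.cookie_samesite = "Lax"` now set it is worth stating the limit. Lax still sends the cookie on cross-site top-level GET navigations, so state-changing GET endpoints stay exposed. I would add `; "Lax" does not protect state-changing GET requests; keep CSRF tokens in place.` under the valid-values line. `session.cookie_secure` is not part of this hunk, so whether the cookie is also restricted to HTTPS cannot be seen here. The TODO section of this commit lists session tests whose actual `Set-Cookie` output lacks `HttpOnly; SameSite=Lax`, so it is worth confirming that a build using this php.ini really emits both attributes.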