Newsgroups: php.internals
Path: news.php.net
Xref: news.php.net php.internals:100304
Return-Path: <f.bosch@genkgo.nl>
Mailing-List: contact internals-help@lists.php.net; run by ezmlm
Delivered-To: mailing list internals@lists.php.net
Received: (qmail 63266 invoked from network); 25 Aug 2017 21:19:59 -0000
Received: from unknown (HELO lists.php.net) (127.0.0.1)
  by localhost with SMTP; 25 Aug 2017 21:19:59 -0000
Authentication-Results: pb1.pair.com header.from=f.bosch@genkgo.nl; sender-id=pass
Authentication-Results: pb1.pair.com smtp.mail=f.bosch@genkgo.nl; spf=pass; sender-id=pass
Received-SPF: pass (pb1.pair.com: domain genkgo.nl designates 46.21.156.38 as permitted sender)
X-PHP-List-Original-Sender: f.bosch@genkgo.nl
X-Host-Fingerprint: 46.21.156.38 mail.genkgo.net  
Received: from [46.21.156.38] ([46.21.156.38:57277] helo=mail.genkgo.net)
	by pb1.pair.com (ecelerity 2.1.1.9-wez r(12769M)) with ESMTP
	id 95/79-34801-D7490A95 for <internals@lists.php.net>; Fri, 25 Aug 2017 17:19:58 -0400
DKIM-Signature: v=1; a=rsa-sha256; q=dns/txt; c=relaxed/relaxed; d=genkgo.nl;
	 s=x; h=Content-Transfer-Encoding:Content-Type:MIME-Version:Date:Message-ID:
	Subject:From:To:Sender:Reply-To:Cc:Content-ID:Content-Description:Resent-Date
	:Resent-From:Resent-Sender:Resent-To:Resent-Cc:Resent-Message-ID:In-Reply-To:
	References:List-Id:List-Help:List-Unsubscribe:List-Subscribe:List-Post:
	List-Owner:List-Archive; bh=zqUkMTpQo+cqvWYx/LypRiIDcWa/SvynXFsBDfYzp54=; b=O
	KPAQbuWoFCsTU3adpYXhyUtFMhy1RnNSAwg8qKW56Oa0w+zvk8JA+bqG1bxwzPW2VJDKqN/aU+nQ8
	3wMe0q9ZXR2Cy6ddVm6UApMXDSGOT23pLKiDUjKuiFlgvcWRVMv8HUy1EJFE8yxoKp7AJLUQKOhMZ
	IElwfl9Eygm2+KJDIBIy5dK12hL9b/ddAa2XZi8dHrav7HQFRD8yE9PyenwgF2MzDrHUJ3YIqyksI
	0bdnXIOCsFXhzEHJaGQGljebVNPoSwvl8DG2VDxdvgj5zXCuUCt4YTcCkF5JA9muPBOzliAkPGEeR
	kO+wgTsF6GhZbk/FZgR8/7L599RiBFH+w==;
Received: from [77.172.138.133] (helo=[192.168.1.70])
	by mail.genkgo.net with esmtpsa (TLSv1.2:ECDHE-RSA-AES128-GCM-SHA256:128)
	(Exim 4.87)
	(envelope-from <f.bosch@genkgo.nl>)
	id 1dlM1C-0002wj-1f
	for internals@lists.php.net; Fri, 25 Aug 2017 23:19:54 +0200
To: internals@lists.php.net
Message-ID: <a4189866-23ea-4dc5-12a4-a7fbad8e5601@genkgo.nl>
Date: Fri, 25 Aug 2017 23:19:53 +0200
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:52.0) Gecko/20100101
 Thunderbird/52.2.1
MIME-Version: 1.0
Content-Type: text/plain; charset=utf-8; format=flowed
Content-Transfer-Encoding: 7bit
Content-Language: en-US
X-Antivirus-Scanner: Clean mail though you should still use an Antivirus
Subject: [VOTE] Same Site Cookie RFC
From: f.bosch@genkgo.nl (Frederik Bosch)

LS,

Just now, I opened the RFC on implementing same site cookies in PHP, 
https://wiki.php.net/rfc/same-site-cookie, for voting.

It consists of two questions, depending on the implementation you would 
like to see of the feature. Both questions will affect the API of four 
core functions: setcookie, setrawcookie, session_set_cookie_params and 
session_get_cookie_params. The first three functions have a similar 
function signature. The first implementation suggestion is to add an 
additional argument to these three functions. The second implementation 
suggestion is to allow an array of options in which all the cookie 
options will be moved into. More details are to be found in the RFC.

Hopefully, the samesite cookie flag will become a feature of the PHP 
language through this RFC!

Kind regards,
Frederik Bosch