From 6df5f8b8edb91d10303c2e939530de9e0abc41c3 Mon Sep 17 00:00:00 2001 From: Alexander Ebert Date: Thu, 30 Nov 2017 14:20:07 +0100 Subject: [PATCH] Improved cookie prefix handling in developer mode Closes #2488 --- extra/examples/wsc-dev-config-31.json | 3 ++- .../install/files/lib/system/WCFSetup.class.php | 9 +++++++-- .../lib/system/devtools/DevtoolsSetup.class.php | 14 ++++++++++++++ 3 files changed, 23 insertions(+), 3 deletions(-) diff --git a/extra/examples/wsc-dev-config-31.json b/extra/examples/wsc-dev-config-31.json index da5cdd9881..605aa81ebf 100644 --- a/extra/examples/wsc-dev-config-31.json +++ b/extra/examples/wsc-dev-config-31.json @@ -7,7 +7,8 @@ "username": "root", "dbNumber": "2" }, - "useDefaultInstallPath": true + "useDefaultInstallPath": true, + "forceStaticCookiePrefix": true }, "configuration": { "option": { diff --git a/wcfsetup/install/files/lib/system/WCFSetup.class.php b/wcfsetup/install/files/lib/system/WCFSetup.class.php index f83fd2bd72..8c5429e3d0 100644 --- a/wcfsetup/install/files/lib/system/WCFSetup.class.php +++ b/wcfsetup/install/files/lib/system/WCFSetup.class.php @@ -1220,9 +1220,14 @@ class WCFSetup extends WCF { ]); } - // determine randomized cookie prefix + // determine the (randomized) cookie prefix + $useRandomCookiePrefix = true; + if (self::$developerMode && DevtoolsSetup::getInstance()->forceStaticCookiePrefix()) { + $useRandomCookiePrefix = false; + } + $prefix = 'wsc31_'; - if (!self::$developerMode) { + if ($useRandomCookiePrefix) { $cookieNames = array_keys($_COOKIE); while (true) { $prefix = 'wsc_' . substr(sha1(mt_rand()), 0, 6) . '_'; diff --git a/wcfsetup/install/files/lib/system/devtools/DevtoolsSetup.class.php b/wcfsetup/install/files/lib/system/devtools/DevtoolsSetup.class.php index 22a2065d77..1860e6a65c 100644 --- a/wcfsetup/install/files/lib/system/devtools/DevtoolsSetup.class.php +++ b/wcfsetup/install/files/lib/system/devtools/DevtoolsSetup.class.php @@ -79,6 +79,16 @@ class DevtoolsSetup extends SingletonFactory { return (isset($this->configuration['setup']) && isset($this->configuration['setup']['useDefaultInstallPath']) && $this->configuration['setup']['useDefaultInstallPath'] === true); } + /** + * Returns true if a static cookie prefix should be used, instead of the randomized + * value used for non-dev-mode installations. + * + * @return boolean + */ + public function forceStaticCookiePrefix() { + return (isset($this->configuration['setup']) && isset($this->configuration['setup']['forceStaticCookiePrefix']) && $this->configuration['setup']['forceStaticCookiePrefix'] === true); + } + /** * List of option values that will be set after the setup has completed. * @@ -87,6 +97,10 @@ class DevtoolsSetup extends SingletonFactory { public function getOptionOverrides() { if (!isset($this->configuration['configuration']) || empty($this->configuration['configuration']['option'])) return []; + if (isset($this->configuration['configuration']['option']['cookie_prefix'])) { + throw new \DomainException("The 'cookie_prefix' option cannot be set during the setup, consider using the 'forceStaticCookiePrefix' setting instead."); + } + return $this->configuration['configuration']['option']; } -- 2.20.1