thinkphp5.1 cookie跨域、thinkphp5.1 session跨域、tp5.1cookie跨域
cookie跨域:
//config/cookie.php return [ //... //仅7.3.0及以上适用 'samesite' => 'None', //是否加密cookie值,false为不加密 'aeskey' => '1234' ];
//thinkphp/library/think/Cookie.php <?php // +---------------------------------------------------------------------- // | ThinkPHP [ WE CAN DO IT JUST THINK ] // +---------------------------------------------------------------------- // | Copyright (c) 2006~2018 http://thinkphp.cn All rights reserved. // +---------------------------------------------------------------------- // | Licensed ( http://www.apache.org/licenses/LICENSE-2.0 ) // +---------------------------------------------------------------------- // | Author: liu21st <liu21st@gmail.com> // +---------------------------------------------------------------------- namespace think; use think\facade\Log; class Cookie { /** * 配置参数 * @var array */ protected $config = [ // cookie 名称前缀 'prefix' => '', // cookie 保存时间 'expire' => 0, // cookie 保存路径 'path' => '/', // cookie 有效域名 'domain' => '', // cookie 启用安全传输 'secure' => false, // httponly设置 'httponly' => false, // 是否使用 setcookie 'setcookie' => true, // 加密KEY 'aeskey' => false ]; /** * 构造方法 * @access public */ public function __construct(array $config = []) { $this->init($config); } /** * Cookie初始化 * @access public * @param array $config * @return void */ public function init(array $config = []) { $this->config = array_merge($this->config, array_change_key_case($config)); if (!empty($this->config['httponly']) && PHP_SESSION_ACTIVE != session_status()) { ini_set('session.cookie_httponly', 1); } } public static function __make(Config $config) { return new static($config->pull('cookie')); } private function aes($str, $type = true) { if ($type) { $str = time() . $this->config['expire'] . '_tp_' . $str; return openssl_encrypt($str, 'AES-128-ECB', $this->config['aeskey']); } $str = openssl_decrypt($str, 'AES-128-ECB', $this->config['aeskey']); $array = explode('_tp_', $str); if (count($array) != 2) { return false; } $time = substr($array[0], 0, 10); $expire = substr($array[0], 10); if ($expire && time() - $time >= $expire) { return $expire; } return $array[1]; } /** * 设置或者获取cookie作用域(前缀) * @access public * @param string $prefix * @return string|void */ public function prefix($prefix = '') { if (empty($prefix)) { return $this->config['prefix']; } $this->config['prefix'] = $prefix; } /** * Cookie 设置、获取、删除 * * @access public * @param string $name cookie名称 * @param mixed $value cookie值 * @param mixed $option 可选参数 可能会是 null|integer|string * @return void */ public function set($name, $value = '', $option = null) { // 参数设置(会覆盖黙认设置) if (!is_null($option)) { if (is_numeric($option)) { $option = ['expire' => $option]; } elseif (is_string($option)) { parse_str($option, $option); } $config = array_merge($this->config, array_change_key_case($option)); } else { $config = $this->config; } $name = $config['prefix'] . $name; // 设置cookie if (is_array($value)) { // array_walk_recursive($value, [$this, 'jsonFormatProtect'], 'encode'); // $value = 'think:' . json_encode($value); $value = serialize($value); } $value = urlencode($this->config['aeskey'] ? $this->aes($value) : $value); // $value = $this->config['aeskey']; Log::write($this->config, 'error'); $expire = !empty($config['expire']) ? $_SERVER['REQUEST_TIME'] + intval($config['expire']) : 0; if ($config['setcookie']) { $this->setCookie($name, $value, $expire, $config); } $_COOKIE[$name] = $value; } /** * Cookie 设置保存 * * @access public * @param string $name cookie名称 * @param mixed $value cookie值 * @param array $option 可选参数 * @return void */ protected function setCookie($name, $value, $expire, $option = []) { Log::write($option, 'error'); if ($option['aeskey']) { unset($option['aeskey']); } if (request()->isMobile()) { $option['domain'] = ''; } if (version_compare(PHP_VERSION, '7.3.0', '>=')) { setcookie($name, $value, [ 'expires' => $expire, 'path' => $option['path'], 'domain' => $option['domain'], 'secure' => $option['secure'], 'httponly' => $option['httponly'], 'samesite' => $option['samesite'], ]); } else { setcookie($name, $value, $expire, $option['path'], $option['domain'], $option['secure'], $option['httponly']); // setcookie($name, $value, $expire, $path, $domain, $secure, $httponly); } } /** * 永久保存Cookie数据 * @access public * @param string $name cookie名称 * @param mixed $value cookie值 * @param mixed $option 可选参数 可能会是 null|integer|string * @return void */ public function forever($name, $value = '', $option = null) { if (is_null($option) || is_numeric($option)) { $option = []; } $option['expire'] = 315360000; $this->set($name, $value, $option); } /** * 判断Cookie数据 * @access public * @param string $name cookie名称 * @param string|null $prefix cookie前缀 * @return bool */ public function has($name, $prefix = null) { $prefix = !is_null($prefix) ? $prefix : $this->config['prefix']; $name = $prefix . $name; return isset($_COOKIE[$name]); } /** * Cookie获取 * @access public * @param string $name cookie名称 留空获取全部 * @param string|null $prefix cookie前缀 * @return mixed */ public function get($name = '', $prefix = null) { $prefix = !is_null($prefix) ? $prefix : $this->config['prefix']; $key = $prefix . $name; if ('' == $name) { if ($prefix) { $value = []; foreach ($_COOKIE as $k => $val) { if (0 === strpos($k, $prefix)) { $value[$k] = $val; } } } else { $value = $_COOKIE; } } elseif (isset($_COOKIE[$key])) { $value = $_COOKIE[$key]; $str = urldecode($value); $str = $this->config['aeskey'] ? $this->aes($str, false) : $str; try { $value = unserialize($str); } catch (Exception $e) { $value = $str; } // $value = $this->config['aeskey']; /* if (0 === strpos($value, 'think:')) { $value = substr($value, 6); $value = json_decode($value, true); array_walk_recursive($value, [$this, 'jsonFormatProtect'], 'decode'); } */ } else { $value = null; } return $value; } /** * Cookie删除 * @access public * @param string $name cookie名称 * @param string|null $prefix cookie前缀 * @return void */ public function delete($name, $prefix = null) { $config = $this->config; $prefix = !is_null($prefix) ? $prefix : $config['prefix']; $name = $prefix . $name; if ($config['setcookie']) { $this->setcookie($name, '', $_SERVER['REQUEST_TIME'] - 3600, $config); } // 删除指定cookie unset($_COOKIE[$name]); } /** * Cookie清空 * @access public * @param string|null $prefix cookie前缀 * @return void */ public function clear($prefix = null) { // 清除指定前缀的所有cookie if (empty($_COOKIE)) { return; } // 要删除的cookie前缀,不指定则删除config设置的指定前缀 $config = $this->config; $prefix = !is_null($prefix) ? $prefix : $config['prefix']; if ($prefix) { // 如果前缀为空字符串将不作处理直接返回 foreach ($_COOKIE as $key => $val) { if (0 === strpos($key, $prefix)) { if ($config['setcookie']) { $this->setcookie($key, '', $_SERVER['REQUEST_TIME'] - 3600, $config); } unset($_COOKIE[$key]); } } } return; } private function jsonFormatProtect(&$val, $key, $type = 'encode') { if (!empty($val) && true !== $val) { $val = 'decode' == $type ? urldecode($val) : urlencode($val); } } }
session跨域
//config/session.php <?php // +---------------------------------------------------------------------- // | ThinkPHP [ WE CAN DO IT JUST THINK ] // +---------------------------------------------------------------------- // | Copyright (c) 2006~2018 http://thinkphp.cn All rights reserved. // +---------------------------------------------------------------------- // | Licensed ( http://www.apache.org/licenses/LICENSE-2.0 ) // +---------------------------------------------------------------------- // | Author: liu21st <liu21st@gmail.com> // +---------------------------------------------------------------------- // +---------------------------------------------------------------------- // | 会话设置 // +---------------------------------------------------------------------- return [ //... //samesite None Lax 'samesite' => 'None' ];
//thinkphp/library/think/Session.php //在官方源代码里的第170行下边增加代码 if (isset($config['secure'])) { ini_set('session.cookie_secure', $config['secure']); if (isset($config['samesite'])) { ini_set('session.cookie_samesite', $config['samesite']); } }
版权声明:原源代码版权属于thinkphp官方,其他博主修改代码的版权属于博主个人,修改的代码仅供参考(改的位置有点多,懒得注释了),复制代码产生的一切问题由使用者自行承担。本文未经许可禁止转载、复制、重新发布,否则保留追究版权法律责任!
本文来自博客园,作者:小枫同学,除网络转载的部分,其他版权属于作者和博客园所有,未经作者或博客园许可,禁止转载、复制、重新发布完整或者部分文字、代码、图片等信息,否则将保留追究法律责任的权利(如博客侵权了您的作品,本人再次表示抱歉,请将原创地址发送至下文邮箱,核实后立刻删除。)。查阅文章的同学,由于网络爬虫严重,有些代码并不会完整贴出来或者存在bug,不过你可以发送邮件到xfstune@126.com获取新代码,记得附上文章链接
【推荐】国内首个AI IDE,深度理解中文开发场景,立即下载体验Trae
【推荐】编程新体验,更懂你的AI,立即体验豆包MarsCode编程助手
【推荐】抖音旗下AI助手豆包,你的智能百科全书,全免费不限次数
【推荐】轻量又高性能的 SSH 工具 IShell:AI 加持,快人一步
· 25岁的心里话
· 闲置电脑爆改个人服务器(超详细) #公网映射 #Vmware虚拟网络编辑器
· 零经验选手,Compose 一天开发一款小游戏!
· 通过 API 将Deepseek响应流式内容输出到前端
· 因为Apifox不支持离线,我果断选择了Apipost!