Skip to content

Commit

Permalink
fix: do not set vary cookie if something bypassed session
Browse files Browse the repository at this point in the history
  • Loading branch information
@rafaucau
rafaucau committed Jan 30, 2024
1 parent 0484edb commit 42949da
Showing 1 changed file with 5 additions and 1 deletion.
6 changes: 5 additions & 1 deletion src/Middleware/VaryCookieMiddleware.php
View file
Original file line number Diff line number Diff line change
Expand Up @@ -48,8 +48,12 @@ public function process(ServerRequestInterface $request, RequestHandlerInterface
return $this->withVaryCookie($response, $session);
}

private function withVaryCookie(Response $response, Session $session): Response
private function withVaryCookie(Response $response, ?Session $session): Response
{
if (! $session) {
return $response;
}

return FigResponseCookies::set(
$response,
$this->cookie->make(LSCache::VARY_COOKIE, $session->token(), $this->session['lifetime'] * 60)
Expand Down

0 comments on commit 42949da

Please sign in to comment.