ACPT-1718

JacobBrownAustin · JacobBrownAustin · commit 432552bb9d20 · 2024-01-19T16:41:58.000-06:00
Adding new CookieDisablerInterface so that Framework/App/PageCache/Kernel can work the same when not using PHP's built-in cookies.
diff --git a/app/code/Magento/Cookie/etc/di.xml b/app/code/Magento/Cookie/etc/di.xml
@@ -7,5 +7,6 @@
 -->
 <config xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" xsi:noNamespaceSchemaLocation="urn:magento:framework:ObjectManager/etc/config.xsd">
     <preference for="Magento\Framework\Stdlib\CookieManagerInterface" type="Magento\Framework\Stdlib\Cookie\PhpCookieManager" />
+    <preference for="Magento\Framework\Stdlib\CookieDisablerInterface" type="Magento\Framework\Stdlib\Cookie\PhpCookieDisabler" />
 </config>
 
diff --git a/app/etc/di.xml b/app/etc/di.xml
@@ -94,6 +94,7 @@
     <preference for="Magento\Framework\Stdlib\Cookie\CookieScopeInterface" type="Magento\Framework\Stdlib\Cookie\CookieScope" />
     <preference for="Magento\Framework\Stdlib\Cookie\CookieReaderInterface" type="Magento\Framework\Stdlib\Cookie\PhpCookieReader" />
     <preference for="Magento\Framework\Stdlib\CookieManagerInterface" type="Magento\Framework\Stdlib\Cookie\PhpCookieManager" />
+    <preference for="Magento\Framework\Stdlib\CookieDisablerInterface" type="Magento\Framework\Stdlib\Cookie\PhpCookieDisabler" />
     <preference for="Magento\Framework\TranslateInterface" type="Magento\Framework\Translate" />
     <preference for="Magento\Framework\Config\ScopeListInterface" type="interceptionConfigScope" />
     <preference for="Magento\Framework\View\Design\Theme\Label\ListInterface" type="Magento\Theme\Model\ResourceModel\Theme\Collection" />
diff --git a/dev/tests/api-functional/testsuite/Magento/GraphQl/GraphQl/GraphQlSessionTest.php b/dev/tests/api-functional/testsuite/Magento/GraphQl/GraphQl/GraphQlSessionTest.php
@@ -48,6 +48,10 @@ public function setUp(): void
     /**
      * Test for checking if graphQL query sets session cookies
      *
+     * Note: The reason why the first response doesn't have cookies, but the subsequent responses do is
+     * because Magento/Framework/App/PageCache/Kernel.php removes Set-Cookie headers when the response has a
+     * public Cache-Control.  This test asserts that behaviour.
+     *
      * @magentoApiDataFixture Magento/Catalog/_files/categories.php
      * @magentoConfigFixture graphql/session/disable 0
      */
@@ -71,8 +75,7 @@ public function testCheckSessionCookieWithGetCategoryList(): void
         $result = $this->graphQlClient->getWithResponseHeaders($query, [], '', [], true);
         $this->assertEmpty($result['cookies']);
         // perform secondary request after cookies have been flushed
-        $result = $this->graphQlClient->getWithResponseHeaders($query, [], '', []);
-
+        $result = $this->graphQlClient->getWithResponseHeaders($query, [], '', [], true);
         // may have other cookies than session
         $this->assertNotEmpty($result['cookies']);
         $this->assertAnyCookieMatchesRegex('/PHPSESSID=[a-z0-9]+;/', $result['cookies']);
diff --git a/lib/internal/Magento/Framework/App/PageCache/Kernel.php b/lib/internal/Magento/Framework/App/PageCache/Kernel.php
@@ -7,6 +7,7 @@
 
 use Magento\Framework\App\State as AppState;
 use Magento\Framework\App\ObjectManager;
+use Magento\Framework\Stdlib\CookieDisablerInterface;
 
 /**
  * Builtin cache processor
@@ -68,6 +69,8 @@ class Kernel
      */
     private $identifierForSave;
 
+    private readonly CookieDisablerInterface $cookieDisabler;
+
     /**
      * @param Cache $cache
      * @param \Magento\Framework\App\PageCache\IdentifierInterface $identifier
@@ -79,6 +82,7 @@ class Kernel
      * @param AppState|null $state
      * @param \Magento\PageCache\Model\Cache\Type|null $fullPageCache
      * @param  \Magento\Framework\App\PageCache\IdentifierInterface|null $identifierForSave
+     * @param CookieDisablerInterface|null $cookieDisabler
      * @SuppressWarnings(PHPMD.ExcessiveParameterList)
      */
     public function __construct(
@@ -91,7 +95,8 @@ public function __construct(
         \Magento\Framework\Serialize\SerializerInterface $serializer = null,
         AppState $state = null,
         \Magento\PageCache\Model\Cache\Type $fullPageCache = null,
-        \Magento\Framework\App\PageCache\IdentifierInterface $identifierForSave = null
+        \Magento\Framework\App\PageCache\IdentifierInterface $identifierForSave = null,
+        ?CookieDisablerInterface $cookieDisabler = null,
     ) {
         $this->cache = $cache;
         $this->identifier = $identifier;
@@ -113,6 +118,7 @@ public function __construct(
         $this->identifierForSave = $identifierForSave ?? ObjectManager::getInstance()->get(
             \Magento\Framework\App\PageCache\IdentifierInterface::class
         );
+        $this->cookieDisabler = $cookieDisabler ?? ObjectManager::getInstance()->get(CookieDisablerInterface::class);
     }
 
     /**
@@ -163,9 +169,7 @@ public function process(\Magento\Framework\App\Response\Http $response)
                 if ($this->state->getMode() != AppState::MODE_DEVELOPER) {
                     $response->clearHeader('X-Magento-Tags');
                 }
-                if (!headers_sent()) {
-                    header_remove('Set-Cookie');
-                }
+                $this->cookieDisabler->setCookiesDisabled(true);
 
                 $this->fullPageCache->save(
                     $this->serializer->serialize($this->getPreparedData($response)),
diff --git a/lib/internal/Magento/Framework/Stdlib/Cookie/PhpCookieDisabler.php b/lib/internal/Magento/Framework/Stdlib/Cookie/PhpCookieDisabler.php
@@ -0,0 +1,29 @@
+<?php
+/**
+ * Copyright © Magento, Inc. All rights reserved.
+ * See COPYING.txt for license details.
+ */
+declare(strict_types=1);
+
+namespace Magento\Framework\Stdlib\Cookie;
+
+use Magento\Framework\App\ObjectManager;
+use Magento\Framework\Exception\InputException;
+use Magento\Framework\Stdlib\CookieDisablerInterface;
+use Magento\Framework\Stdlib\CookieManagerInterface;
+use Magento\Framework\Phrase;
+use Magento\Framework\HTTP\Header as HttpHeader;
+use Psr\Log\LoggerInterface;
+
+/**
+ * Disables sending the cookies that are currently set.
+ */
+class PhpCookieDisabler implements CookieDisablerInterface
+{
+    public function setCookiesDisabled(bool $disabled) : void
+    {
+        if ($disabled && !headers_sent()) {
+            header_remove('Set-Cookie');
+        }
+    }
+}
diff --git a/lib/internal/Magento/Framework/Stdlib/CookieDisablerInterface.php b/lib/internal/Magento/Framework/Stdlib/CookieDisablerInterface.php
@@ -0,0 +1,15 @@
+<?php
+/**
+ * Copyright © Magento, Inc. All rights reserved.
+ * See COPYING.txt for license details.
+ */
+
+namespace Magento\Framework\Stdlib;
+
+/**
+ * This interface is for when you need to disable all cookies from being sent in the HTTP response
+ */
+interface CookieDisablerInterface
+{
+    public function setCookiesDisabled(bool $disabled) : void;
+}
