Make newline standardization configurable
Added ['standardize_newlines']
Also altered the Session cookie driver, which experienced issues with this
feature due to it's HMAC verification failing after the Input class alters
newlines in non-encrypted session cookies.
Supersedes PR #2470
diff --git a/system/libraries/Session/drivers/Session_cookie.php b/system/libraries/Session/drivers/Session_cookie.php
index dc75d8e..65debcb 100644
--- a/system/libraries/Session/drivers/Session_cookie.php
+++ b/system/libraries/Session/drivers/Session_cookie.php
@@ -165,6 +165,8 @@
*/
public $now;
+ // ------------------------------------------------------------------------
+
/**
* Default userdata keys
*
@@ -185,6 +187,15 @@
protected $data_dirty = FALSE;
/**
+ * Standardize newlines flag
+ *
+ * @var bool
+ */
+ protected $_standardize_newlines;
+
+ // ------------------------------------------------------------------------
+
+ /**
* Initialize session driver object
*
* @return void
@@ -209,9 +220,11 @@
'sess_time_to_update',
'time_reference',
'cookie_prefix',
- 'encryption_key'
+ 'encryption_key',
);
+ $this->_standardize_newlines = (bool) $config['standardize_newlines'];
+
foreach ($prefs as $key)
{
$this->$key = isset($this->_parent->params[$key])
@@ -695,6 +708,16 @@
? array_intersect_key($this->userdata, $this->defaults)
: $this->userdata;
+ // The Input class will do this and since we use HMAC verification,
+ // unless we standardize here as well, the hash won't match.
+ if ($this->_standardize_newlines)
+ {
+ foreach (array_keys($this->userdata) as $key)
+ {
+ $this->userdata[$key] = preg_replace('/(?:\r\n|[\r\n])/', PHP_EOL, $this->userdata[$key]);
+ }
+ }
+
// Serialize the userdata for the cookie
$cookie_data = serialize($cookie_data);