cookie encryption must be disabled
Opened this issue · 3 comments
this will not work with cookie encryption enabled, you need to add them to your cookieEncrypt middleware exceptions
Hi @gaud2029,
Thanks for bringing this up. Did you have the opportunity to dig a bit deeper and figure out why the package does not work with cookie encryption enabled? If so, do you mind sharing your findings? If not, I'll try to have a look but I'm not sure I'll be able to do so shortly. Thanks!
If this helps any - I've just bumped into this issue. Not sure why, because I have two projects using this package and one of them works fine without this.
In the project that's having an issue, inside the CookiesManager, if I spit out the result of json_decode($raw, true)
on the encrypted cookie:
/**
* Retrieve the eventual existing cookie data.
*/
protected function getCurrentConsentSettings(Request $request): ?array
{
$preferences = ($raw = $request->cookie(config('cookieconsent.cookie.name')))
? json_decode($raw, true)
: null;
+. dd(json_decode($raw, true));
if (! $preferences || ! is_int($preferences['consent_at'] ?? null)) {
return null;
}
then I see that that's evaluating to null
:
And this is what's causing the settings to behave as if they don't exist at all.
this will not work with cookie encryption enabled, you need to add them to your cookieEncrypt middleware exceptions
In AppServiceProvider.php
:
$consentCookieName = config('cookieconsent.cookie.name');
EncryptCookies::except([$consentCookieName]);