Hi Sara, hi Frederik,
Thinking more about this I came to change my vote (and for that reason I’ll take back the suggestion to include it into 7.2): The array API is the better API and allows for healthier future growth so we should pursue that option There is a (very ugly) workaround to set a same site policy by misusing the “session.cookie_path” or “session.cookie_domain” setting (e.g. set it to “/; SameSite=Strict”, you are welcome, Internet). cu, Lars On 28.08.17, 18:20, "Sara Golemon" <p...@golemon.com on behalf of poll...@php.net> wrote: On Mon, Aug 28, 2017 at 12:10 PM, Frederik Bosch | Genkgo <f.bo...@genkgo.nl> wrote: Little misunderstanding then. I agree we can better have this PHP 7.3 and take some time for it. Current votes also suggest that we should go for the array argument implementation. Since there is only a PR for the extra argument implementation, it will also take time to have the PR for the array argument implementation ready. Taken that into account, we should not want this in 7.2. Indeed, yes. Assuming the votes continue on this sharp lean towards the array option, we should just forget all notions of trying to sneak this into 7.2. Direct calls in 7.2 and earlier can easily fall back on calling header('Set-Cookie: ...'); manually, while sessions support is slightly more complex, but still doable from userspace. I expect if need is deemed high for this, a drop-in composer package can do 90% of the work automatically. -Sara