diff -r be944660c56a -r 3d72ae0968f4 wp/wp-includes/class-wp-http-cookie.php --- a/wp/wp-includes/class-wp-http-cookie.php Wed Sep 21 18:19:35 2022 +0200 +++ b/wp/wp-includes/class-wp-http-cookie.php Tue Sep 27 16:37:53 2022 +0200 @@ -24,6 +24,7 @@ * Cookie name. * * @since 2.8.0 + * * @var string */ public $name; @@ -32,6 +33,7 @@ * Cookie value. * * @since 2.8.0 + * * @var string */ public $value; @@ -40,6 +42,7 @@ * When the cookie expires. Unix timestamp or formatted date. * * @since 2.8.0 + * * @var string|int|null */ public $expires; @@ -48,6 +51,7 @@ * Cookie URL path. * * @since 2.8.0 + * * @var string */ public $path; @@ -56,14 +60,25 @@ * Cookie Domain. * * @since 2.8.0 + * * @var string */ public $domain; /** + * Cookie port or comma-separated list of ports. + * + * @since 2.8.0 + * + * @var int|string + */ + public $port; + + /** * host-only flag. * * @since 5.2.0 + * * @var bool */ public $host_only; @@ -85,7 +100,7 @@ * @type string|int|null $expires Optional. Unix timestamp or formatted date. Default null. * @type string $path Optional. Path. Default '/'. * @type string $domain Optional. Domain. Default host of parsed $requested_url. - * @type int $port Optional. Port. Default null. + * @type int|string $port Optional. Port or comma-separated list of ports. Default null. * @type bool $host_only Optional. host-only storage flag. Default true. * } * @param string $requested_url The URL which the cookie was set on, used for default $domain @@ -93,12 +108,12 @@ */ public function __construct( $data, $requested_url = '' ) { if ( $requested_url ) { - $arrURL = parse_url( $requested_url ); + $parsed_url = parse_url( $requested_url ); } - if ( isset( $arrURL['host'] ) ) { - $this->domain = $arrURL['host']; + if ( isset( $parsed_url['host'] ) ) { + $this->domain = $parsed_url['host']; } - $this->path = isset( $arrURL['path'] ) ? $arrURL['path'] : '/'; + $this->path = isset( $parsed_url['path'] ) ? $parsed_url['path'] : '/'; if ( '/' !== substr( $this->path, -1 ) ) { $this->path = dirname( $this->path ) . '/'; } @@ -187,7 +202,7 @@ // Host - very basic check that the request URL ends with the domain restriction (minus leading dot). $domain = ( '.' === substr( $domain, 0, 1 ) ) ? substr( $domain, 1 ) : $domain; - if ( substr( $url['host'], -strlen( $domain ) ) != $domain ) { + if ( substr( $url['host'], -strlen( $domain ) ) !== $domain ) { return false; } @@ -197,7 +212,7 @@ } // Path - request path must start with path restriction. - if ( substr( $url['path'], 0, strlen( $path ) ) != $path ) { + if ( substr( $url['path'], 0, strlen( $path ) ) !== $path ) { return false; }