Get Gentoo!
gentoo.org sites
gentoo.org Wiki Bugs Forums Packages
Planet Archives Sources
Infra Status
summaryrefslogtreecommitdiff
path: root/plugins/jetpack/extensions/blocks/premium-content/_inc/subscription-service
diff options
context:
space:
mode:
Diffstat (limited to 'plugins/jetpack/extensions/blocks/premium-content/_inc/subscription-service')
-rw-r--r--plugins/jetpack/extensions/blocks/premium-content/_inc/subscription-service/class-jwt.php2
-rw-r--r--plugins/jetpack/extensions/blocks/premium-content/_inc/subscription-service/class-token-subscription-service.php4
2 files changed, 4 insertions, 2 deletions
diff --git a/plugins/jetpack/extensions/blocks/premium-content/_inc/subscription-service/class-jwt.php b/plugins/jetpack/extensions/blocks/premium-content/_inc/subscription-service/class-jwt.php
index f2d1f1d8..8f5b9b31 100644
--- a/plugins/jetpack/extensions/blocks/premium-content/_inc/subscription-service/class-jwt.php
+++ b/plugins/jetpack/extensions/blocks/premium-content/_inc/subscription-service/class-jwt.php
@@ -81,7 +81,7 @@ class JWT {
* @uses urlsafe_b64_decode
*/
public static function decode( $jwt, $key, array $allowed_algs = array() ) {
- $timestamp = is_null( static::$timestamp ) ? time() : static::$timestamp;
+ $timestamp = static::$timestamp === null ? time() : static::$timestamp;
if ( empty( $key ) ) {
throw new InvalidArgumentException( 'Key may not be empty' );
diff --git a/plugins/jetpack/extensions/blocks/premium-content/_inc/subscription-service/class-token-subscription-service.php b/plugins/jetpack/extensions/blocks/premium-content/_inc/subscription-service/class-token-subscription-service.php
index 05791022..5ab97af7 100644
--- a/plugins/jetpack/extensions/blocks/premium-content/_inc/subscription-service/class-token-subscription-service.php
+++ b/plugins/jetpack/extensions/blocks/premium-content/_inc/subscription-service/class-token-subscription-service.php
@@ -174,7 +174,7 @@ abstract class Token_Subscription_Service implements Subscription_Service {
*/
private function set_token_cookie( $token ) {
if ( ! empty( $token ) ) {
- setcookie( self::JWT_AUTH_TOKEN_COOKIE_NAME, $token, 0, '/' );
+ setcookie( self::JWT_AUTH_TOKEN_COOKIE_NAME, $token, 0, '/', COOKIE_DOMAIN, is_ssl(), true ); // httponly -- used by visitor_can_view_content() within the PHP context.
}
}
@@ -234,6 +234,8 @@ abstract class Token_Subscription_Service implements Subscription_Service {
* @return string URL of the JWT endpoint.
*/
private function get_rest_api_token_url( $site_id, $redirect_url ) {
+ // The redirect url might have a part URL encoded but not the whole URL.
+ $redirect_url = rawurldecode( $redirect_url );
return sprintf( '%smemberships/jwt?site_id=%d&redirect_url=%s', self::REST_URL_ORIGIN, $site_id, rawurlencode( $redirect_url ) );
}