Skip to content

Add support of Mercure running on a subdomain #1394

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Merged
martineiber merged 7 commits into from
Nov 17, 2025
Merged

Add support of Mercure running on a subdomain #1394

Show file tree
Hide file tree
Changes from all commits
Commits
Show all changes
7 commits
Select commit Hold shift + click to select a range
b53578c
Add support of Mercure running on a subdomain
vrobert78 Sep 23, 2025
a9b73d3
Apply php-cs-fixer changes
vrobert78 Sep 23, 2025
623e3a9
remove no longer needed const
vrobert78 Sep 23, 2025
6b147af
Apply php-cs-fixer changes
vrobert78 Sep 23, 2025
d2bb9ee
Update src/Mercure/Service/HubService.php
vrobert78 Sep 23, 2025
63cecfd
Apply php-cs-fixer changes
vrobert78 Sep 23, 2025
f68ee60
Apply suggestions from code review
vrobert78 Nov 12, 2025
File filter

Filter by extension

Filter by extension
Conversations
Failed to load comments.
Loading
Jump to
Jump to file
Failed to load files.
Loading
Diff view
Diff view
3 changes: 2 additions & 1 deletion config/mercure.yaml
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -20,7 +20,8 @@ services:
arguments:
$tokenProvider: '@Pimcore\Bundle\StudioBackendBundle\Mercure\Service\ClientTokenService'
$cookieLifetime: '%pimcore_studio_backend.mercure_settings.cookie_lifetime%'
$cookieSameSite: '%pimcore_studio_backend.mercure_settings.cookie_same_site%'
$jwtCookieStrictness: '%pimcore_studio_backend.mercure_settings.jwt_cookie_strictness%'
$jwtCookieHost: '%pimcore_studio_backend.mercure_settings.jwt_cookie_host%'

Pimcore\Bundle\StudioBackendBundle\Mercure\Service\Loader\TopicLoaderInterface:
class: Pimcore\Bundle\StudioBackendBundle\Mercure\Service\Loader\TaggedIteratorAdapter
Expand Down
2 changes: 1 addition & 1 deletion src/Asset/Schema/Type/Video.php
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -37,7 +37,7 @@ public function __construct(
type: 'string',
example: '/path/to/video/imagethumbnail.jpg'
)]
private readonly?string $imageThumbnailPath,
private readonly ?string $imageThumbnailPath,
bool $hasChildren,
string $type,
string $filename,
Expand Down
22 changes: 7 additions & 15 deletions src/DependencyInjection/Configuration.php
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -24,7 +24,6 @@
use Symfony\Component\Config\Definition\Builder\ArrayNodeDefinition;
use Symfony\Component\Config\Definition\Builder\TreeBuilder;
use Symfony\Component\Config\Definition\ConfigurationInterface;
use Symfony\Component\HttpFoundation\Cookie;
use function is_array;
use function is_int;
use function is_null;
Expand All @@ -48,12 +47,6 @@ class Configuration implements ConfigurationInterface

private const string PERMISSION_ARRAY_VALUE_ERROR = 'Each permission value must be a boolean.';

private const array ALLOWED_COOKIE_SAME_SITE_VALUES = [
Cookie::SAMESITE_LAX,
Cookie::SAMESITE_NONE,
Cookie::SAMESITE_STRICT,
];

/**
* {@inheritdoc}
*/
Expand Down Expand Up @@ -297,14 +290,13 @@ private function addMercureConfiguration(ArrayNodeDefinition $node): void
->info('Lifetime of the mercure cookie in seconds. Default is one hour.')
->defaultValue(3600)
->end()
->enumNode('cookie_same_site')
->info('Same site setting for the mercure cookie. Default is "' .
Cookie::SAMESITE_STRICT .'". ' .
'Possible values are: ' .
implode(',', self::ALLOWED_COOKIE_SAME_SITE_VALUES) .'".'
)
->values(self::ALLOWED_COOKIE_SAME_SITE_VALUES)
->defaultValue(Cookie::SAMESITE_STRICT)
->scalarNode('jwt_cookie_host')
->info('Domain where to set the Mercure auth cookie, e.g. ".example.com".')
->defaultNull()
->end()
->booleanNode('jwt_cookie_strictness')
Comment thread
kingjia90 marked this conversation as resolved.
->info('If true, use SameSite=Strict; if false, use SameSite=None.')
->defaultTrue()
->end()
->end()
->end();
Expand Down
16 changes: 13 additions & 3 deletions src/Mercure/Service/HubService.php
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -26,24 +26,34 @@ public function __construct(
private TokenProviderInterface $tokenProvider,
private UrlServiceInterface $urlService,
private int $cookieLifetime = 3600,
private string $cookieSameSite = Cookie::SAMESITE_STRICT,
private bool $jwtCookieStrictness = true,
private ?string $jwtCookieHost = null,
) {
}

public function createCookie(): Cookie
{
$urlParts = parse_url($this->urlService->getClientSideUrl());

$host = '';
if (!empty($this->jwtCookieHost)) {
$host = $this->jwtCookieHost;
}

if ($host === '' && isset($urlParts[Mercure::URL_HOST->value])) {
$host = $urlParts[Mercure::URL_HOST->value];
}
Comment thread
vrobert78 marked this conversation as resolved.

return new Cookie(
Mercure::AUTHORIZATION_COOKIE_NAME->value,
$this->tokenProvider->getJwt(),
time() + $this->cookieLifetime,
$urlParts[Mercure::URL_PATH->value] ?? '/',
$urlParts[Mercure::URL_HOST->value] ?? '',
$host,
$urlParts[Mercure::URL_SCHEME->value] === Mercure::URL_SCHEME_HTTPS->value,
true,
false,
$this->cookieSameSite
$this->jwtCookieStrictness ? Cookie::SAMESITE_STRICT : Cookie::SAMESITE_NONE
);
}
}