Fixes for cookie signing

src/EventListener/SignedCookieListener.php

@@ -72,7 +72,7 @@ public function onKernelResponse(ResponseEvent $e): void
         $response = $e->getResponse();
 
         foreach ($response->headers->getCookies() as $cookie) {
-            if (true === $this->signedCookieNames || \in_array($cookie->getName(), $this->signedCookieNames, true)) {
+            if ($cookie->getValue() && (true === $this->signedCookieNames || \in_array($cookie->getName(), $this->signedCookieNames, true))) {
                 $response->headers->removeCookie($cookie->getName(), $cookie->getPath(), $cookie->getDomain());
                 $signedCookie = new Cookie(
                     $cookie->getName(),

src/Signer.php

@@ -34,7 +34,7 @@ public function getSignedValue(string $value, ?string $signature = null): string
             $signature = $this->generateSignature($value);
         }
 
-        return $value.'.'.$signature;
+        return $value.','.$signature;
     }
 
     public function verifySignedValue(string $signedValue): bool
@@ -75,7 +75,7 @@ private function generateSignature(string $value): string
      */
     private function splitSignatureFromSignedValue(string $signedValue): array
     {
-        $pos = strrpos($signedValue, '.');
+        $pos = strrpos($signedValue, ',');
         if (false === $pos) {
             return [$signedValue, null];
         }

tests/Listener/SignedCookieListenerTest.php

@@ -61,8 +61,8 @@ public function provideCookieReading(): array
             [[], [], []],
             [[], ['foo' => 'bar'], ['foo' => 'bar']],
             [['foo'], ['foo' => 'bar'], []],
-            [['foo'], ['foo' => 'bar.ca3756f81d3728a023bdc8a622c0906f373b795e'], ['foo' => 'bar']],
-            [['*'], ['foo' => 'bar.ca3756f81d3728a023bdc8a622c0906f373b795e'], ['foo' => 'bar']],
+            [['foo'], ['foo' => 'bar,ca3756f81d3728a023bdc8a622c0906f373b795e'], ['foo' => 'bar']],
+            [['*'], ['foo' => 'bar,ca3756f81d3728a023bdc8a622c0906f373b795e'], ['foo' => 'bar']],
         ];
     }
 
@@ -99,8 +99,8 @@ public function provideCookieWriting(): array
         return [
             [[], [], []],
             [[], ['foo' => 'bar'], ['foo' => 'bar']],
-            [['foo'], ['foo' => 'bar'], ['foo' => 'bar.ca3756f81d3728a023bdc8a622c0906f373b795e']],
-            [['*'], ['foo' => 'bar'], ['foo' => 'bar.ca3756f81d3728a023bdc8a622c0906f373b795e']],
+            [['foo'], ['foo' => 'bar'], ['foo' => 'bar,ca3756f81d3728a023bdc8a622c0906f373b795e']],
+            [['*'], ['foo' => 'bar'], ['foo' => 'bar,ca3756f81d3728a023bdc8a622c0906f373b795e']],
         ];
     }
 
@@ -129,4 +129,19 @@ public function testCookieWritingSkipsSubReqs(): void
         $cookies = $response->headers->getCookies(ResponseHeaderBag::COOKIES_ARRAY);
         $this->assertSame('bar', $cookies['']['/']['foo']->getValue());
     }
+
+    public function testCookieWritingHandlesEmptyValue(): void
+    {
+        $listener = new SignedCookieListener($this->signer, ['*']);
+        $request = Request::create('/');
+
+        $response = new Response();
+        $response->headers->setCookie(Cookie::create('foo'));
+
+        $event = $this->createResponseEventWithKernel($this->kernel, $request, true, $response);
+        $listener->onKernelResponse($event);
+
+        $cookies = $response->headers->getCookies(ResponseHeaderBag::COOKIES_ARRAY);
+        $this->assertNull($cookies['']['/']['foo']->getValue());
+    }
 }