Merge pull request #857 from XMOJ-Script-dev/dev

Author: boomzero

Update.json

@@ -3058,6 +3058,28 @@
                 }
             ],
             "Notes": "随着 CI 更新, 相信以后的 release 都会有 release notes("
+        },
+        "2.3.1": {
+            "UpdateDate": 1758944205783,
+            "Prerelease": true,
+            "UpdateContents": [
+                {
+                    "PR": 856,
+                    "Description": "修复由于 PHPSESSID 启用了 httpOnly 导致的后台不可用"
+                }
+            ],
+            "Notes": "本版本修复了由于 PHPSESSID 启用了 httpOnly 导致的后台不可用"
+        },
+        "2.4.0": {
+            "UpdateDate": 1758956527554,
+            "Prerelease": false,
+            "UpdateContents": [
+                {
+                    "PR": 856,
+                    "Description": "修复由于 PHPSESSID 启用了 httpOnly 导致的后台不可用"
+                }
+            ],
+            "Notes": "请尽快升级至本版本！"
         }
     }
 }

XMOJ.user.js

@@ -1,6 +1,6 @@
 // ==UserScript==
 // @name         XMOJ
-// @version      2.3.0
+// @version      2.4.0
 // @description  XMOJ增强脚本
 // @author       @XMOJ-Script-dev, @langningchen and the community
 // @namespace    https://github/langningchen
@@ -20,6 +20,7 @@
 // @grant        unsafeWindow
 // @grant        GM_setValue
 // @grant        GM_getValue
+// @grant        GM_cookie
 // @homepage     https://www.xmoj-bbs.me/
 // @supportURL   https://support.xmoj-bbs.me/form/8050213e-c806-4680-b414-0d1c48263677
 // @connect      api.xmoj-bbs.tech
@@ -479,6 +480,20 @@ let RequestAPI = (Action, Data, CallBack) => {
                 Session = Temp[i].split("=")[1];
             }
         }
+        if (Session === "") { //The cookie is httpOnly
+            GM.cookie.set({
+                name: 'PHPSESSID',
+                value: (Math.random().toString(36).slice(2) + Math.random().toString(36).slice(2) + Math.random().toString(36).slice(2)).substring(0, 28),
+                path: "/"
+            })
+                .then(() => {
+                    console.log('Reset PHPSESSID successfully.');
+                    location.reload(); //Refresh the page to auth with the new PHPSESSID
+                })
+                .catch((error) => {
+                    console.error(error);
+                });
+        }
         let PostData = {
             "Authentication": {
                 "SessionID": Session, "Username": CurrentUsername,
@@ -1010,7 +1025,17 @@ async function main() {
                             });
                             PopupUL.children[5].addEventListener("click", () => {
                                 clearCredential();
-                                document.cookie = "PHPSESSID=; expires=Thu, 01 Jan 1970 00:00:00 UTC; path=/"; //This is how you remove a cookie?
+                                GM.cookie.set({
+                                    name: 'PHPSESSID',
+                                    value: (Math.random().toString(36).slice(2) + Math.random().toString(36).slice(2) + Math.random().toString(36).slice(2)).substring(0, 28),
+                                    path: "/"
+                                })
+                                    .then(() => {
+                                        console.log('Reset PHPSESSID successfully.');
+                                    })
+                                    .catch((error) => {
+                                        console.error(error);
+                                    }); //We can no longer rely of the server to set the cookie for us
                                 location.href = "https://www.xmoj.tech/logout.php";
                             });
                             Array.from(PopupUL.children).forEach(item => {

package.json

@@ -1,6 +1,6 @@
 {
   "name": "xmoj-script",
-  "version": "2.3.0",
+  "version": "2.4.0",
   "description": "an improvement script for xmoj.tech",
   "main": "AddonScript.js",
   "scripts": {