Custom IniSet Sniff to allow for certain safelisted options

[rebeccahum]

Describe the solution you'd like

VIPCS could benefit from having a custom IniSet sniff...similar to https://github.com/WordPress/WordPress-Coding-Standards/blob/41f5a9c66ff814863bc479fb52fd6cd1abc87e28/WordPress/Sniffs/PHP/IniSetSniff.php#L55-L65, but we want to be able to customize the whitelist property for the below values:

• session.cookie_httponly
• session.cookie_secure
• session.use_only_cookies

WP already manages sessions but we have some clients that want to control PHP sessions via custom code.

What code should not be reported as a violation?

ini_set('session.cookie_httponly', true);
ini_set('session.cookie_secure', true);
ini_set('session.use_only_cookies', true);

Additional context

WordPress/WordPress-Coding-Standards#1993

[jrfnl]

As the WPCS property which controls the "allow list" is protected, I think we can simply extend the WPCS sniff and add those extra ini settings to the property from the sniff constructor.