class Cookie
Same name in this branch
- 11.1.x vendor/symfony/browser-kit/Cookie.php \Symfony\Component\BrowserKit\Cookie
- 11.1.x core/modules/user/src/Authentication/Provider/Cookie.php \Drupal\user\Authentication\Provider\Cookie
Represents a cookie.
@author Johannes M. Schmitt <schmittjoh@gmail.com>
Hierarchy
- class \Symfony\Component\HttpFoundation\Cookie
Expanded class hierarchy of Cookie
6 files declare their use of Cookie
- AbstractSessionListener.php in vendor/
symfony/ http-kernel/ EventListener/ AbstractSessionListener.php - BigPipeController.php in core/
modules/ big_pipe/ src/ Controller/ BigPipeController.php - HttpFoundationFactory.php in vendor/
symfony/ psr-http-message-bridge/ Factory/ HttpFoundationFactory.php - RequestDataCollector.php in vendor/
symfony/ http-kernel/ DataCollector/ RequestDataCollector.php - ResponseCookieValueSame.php in vendor/
symfony/ http-foundation/ Test/ Constraint/ ResponseCookieValueSame.php
9 string references to 'Cookie'
- CookieJar::withCookieHeader in vendor/
guzzlehttp/ guzzle/ src/ Cookie/ CookieJar.php - Create a request with added cookie headers.
- FinishResponseSubscriber::setResponseCacheable in core/
lib/ Drupal/ Core/ EventSubscriber/ FinishResponseSubscriber.php - Add Cache-Control and Expires headers to a cacheable response.
- HttpCache::isPrivateRequest in vendor/
symfony/ http-kernel/ HttpCache/ HttpCache.php - Checks if the Request includes authorization or other sensitive information that should cause the Response to be considered private by default.
- HttpCache::__construct in vendor/
symfony/ http-kernel/ HttpCache/ HttpCache.php - Constructor.
- Loader::php in vendor/
phpunit/ phpunit/ src/ TextUI/ Configuration/ Xml/ Loader.php
File
-
vendor/
symfony/ http-foundation/ Cookie.php, line 19
Namespace
Symfony\Component\HttpFoundationView source
class Cookie {
public const SAMESITE_NONE = 'none';
public const SAMESITE_LAX = 'lax';
public const SAMESITE_STRICT = 'strict';
protected int $expire;
protected string $path;
private ?string $sameSite = null;
private bool $secureDefault = false;
private const RESERVED_CHARS_LIST = "=,; \t\r\n\v\f";
private const RESERVED_CHARS_FROM = [
'=',
',',
';',
' ',
"\t",
"\r",
"\n",
"\v",
"\f",
];
private const RESERVED_CHARS_TO = [
'%3D',
'%2C',
'%3B',
'%20',
'%09',
'%0D',
'%0A',
'%0B',
'%0C',
];
/**
* Creates cookie from raw header string.
*/
public static function fromString(string $cookie, bool $decode = false) : static {
$data = [
'expires' => 0,
'path' => '/',
'domain' => null,
'secure' => false,
'httponly' => false,
'raw' => !$decode,
'samesite' => null,
'partitioned' => false,
];
$parts = HeaderUtils::split($cookie, ';=');
$part = array_shift($parts);
$name = $decode ? urldecode($part[0]) : $part[0];
$value = isset($part[1]) ? $decode ? urldecode($part[1]) : $part[1] : null;
$data = HeaderUtils::combine($parts) + $data;
$data['expires'] = self::expiresTimestamp($data['expires']);
if (isset($data['max-age']) && ($data['max-age'] > 0 || $data['expires'] > time())) {
$data['expires'] = time() + (int) $data['max-age'];
}
return new static($name, $value, $data['expires'], $data['path'], $data['domain'], $data['secure'], $data['httponly'], $data['raw'], $data['samesite'], $data['partitioned']);
}
/**
* @see self::__construct
*
* @param self::SAMESITE_*|''|null $sameSite
*/
public static function create(string $name, ?string $value = null, int|string|\DateTimeInterface $expire = 0, ?string $path = '/', ?string $domain = null, ?bool $secure = null, bool $httpOnly = true, bool $raw = false, ?string $sameSite = self::SAMESITE_LAX, bool $partitioned = false) : self {
return new self($name, $value, $expire, $path, $domain, $secure, $httpOnly, $raw, $sameSite, $partitioned);
}
/**
* @param string $name The name of the cookie
* @param string|null $value The value of the cookie
* @param int|string|\DateTimeInterface $expire The time the cookie expires
* @param string|null $path The path on the server in which the cookie will be available on
* @param string|null $domain The domain that the cookie is available to
* @param bool|null $secure Whether the client should send back the cookie only over HTTPS or null to auto-enable this when the request is already using HTTPS
* @param bool $httpOnly Whether the cookie will be made accessible only through the HTTP protocol
* @param bool $raw Whether the cookie value should be sent with no url encoding
* @param self::SAMESITE_*|''|null $sameSite Whether the cookie will be available for cross-site requests
*
* @throws \InvalidArgumentException
*/
public function __construct(string $name, ?string $value = null, int|string|\DateTimeInterface $expire = 0, ?string $path = '/', ?string $domain = null, ?bool $secure = null, bool $httpOnly = true, bool $raw = false, ?string $sameSite = self::SAMESITE_LAX, bool $partitioned = false) {
// from PHP source code
if ($raw && false !== strpbrk($name, self::RESERVED_CHARS_LIST)) {
throw new \InvalidArgumentException(\sprintf('The cookie name "%s" contains invalid characters.', $name));
}
if (!$name) {
throw new \InvalidArgumentException('The cookie name cannot be empty.');
}
$this->expire = self::expiresTimestamp($expire);
$this->path = $path ?: '/';
$this->sameSite = $this->withSameSite($sameSite)->sameSite;
}
/**
* Creates a cookie copy with a new value.
*/
public function withValue(?string $value) : static {
$cookie = clone $this;
$cookie->value = $value;
return $cookie;
}
/**
* Creates a cookie copy with a new domain that the cookie is available to.
*/
public function withDomain(?string $domain) : static {
$cookie = clone $this;
$cookie->domain = $domain;
return $cookie;
}
/**
* Creates a cookie copy with a new time the cookie expires.
*/
public function withExpires(int|string|\DateTimeInterface $expire = 0) : static {
$cookie = clone $this;
$cookie->expire = self::expiresTimestamp($expire);
return $cookie;
}
/**
* Converts expires formats to a unix timestamp.
*/
private static function expiresTimestamp(int|string|\DateTimeInterface $expire = 0) : int {
// convert expiration time to a Unix timestamp
if ($expire instanceof \DateTimeInterface) {
$expire = $expire->format('U');
}
elseif (!is_numeric($expire)) {
$expire = strtotime($expire);
if (false === $expire) {
throw new \InvalidArgumentException('The cookie expiration time is not valid.');
}
}
return 0 < $expire ? (int) $expire : 0;
}
/**
* Creates a cookie copy with a new path on the server in which the cookie will be available on.
*/
public function withPath(string $path) : static {
$cookie = clone $this;
$cookie->path = '' === $path ? '/' : $path;
return $cookie;
}
/**
* Creates a cookie copy that only be transmitted over a secure HTTPS connection from the client.
*/
public function withSecure(bool $secure = true) : static {
$cookie = clone $this;
$cookie->secure = $secure;
return $cookie;
}
/**
* Creates a cookie copy that be accessible only through the HTTP protocol.
*/
public function withHttpOnly(bool $httpOnly = true) : static {
$cookie = clone $this;
$cookie->httpOnly = $httpOnly;
return $cookie;
}
/**
* Creates a cookie copy that uses no url encoding.
*/
public function withRaw(bool $raw = true) : static {
if ($raw && false !== strpbrk($this->name, self::RESERVED_CHARS_LIST)) {
throw new \InvalidArgumentException(\sprintf('The cookie name "%s" contains invalid characters.', $this->name));
}
$cookie = clone $this;
$cookie->raw = $raw;
return $cookie;
}
/**
* Creates a cookie copy with SameSite attribute.
*
* @param self::SAMESITE_*|''|null $sameSite
*/
public function withSameSite(?string $sameSite) : static {
if ('' === $sameSite) {
$sameSite = null;
}
elseif (null !== $sameSite) {
$sameSite = strtolower($sameSite);
}
if (!\in_array($sameSite, [
self::SAMESITE_LAX,
self::SAMESITE_STRICT,
self::SAMESITE_NONE,
null,
], true)) {
throw new \InvalidArgumentException('The "sameSite" parameter value is not valid.');
}
$cookie = clone $this;
$cookie->sameSite = $sameSite;
return $cookie;
}
/**
* Creates a cookie copy that is tied to the top-level site in cross-site context.
*/
public function withPartitioned(bool $partitioned = true) : static {
$cookie = clone $this;
$cookie->partitioned = $partitioned;
return $cookie;
}
/**
* Returns the cookie as a string.
*/
public function __toString() : string {
if ($this->isRaw()) {
$str = $this->getName();
}
else {
$str = str_replace(self::RESERVED_CHARS_FROM, self::RESERVED_CHARS_TO, $this->getName());
}
$str .= '=';
if ('' === (string) $this->getValue()) {
$str .= 'deleted; expires=' . gmdate('D, d M Y H:i:s T', time() - 31536001) . '; Max-Age=0';
}
else {
$str .= $this->isRaw() ? $this->getValue() : rawurlencode($this->getValue());
if (0 !== $this->getExpiresTime()) {
$str .= '; expires=' . gmdate('D, d M Y H:i:s T', $this->getExpiresTime()) . '; Max-Age=' . $this->getMaxAge();
}
}
if ($this->getPath()) {
$str .= '; path=' . $this->getPath();
}
if ($this->getDomain()) {
$str .= '; domain=' . $this->getDomain();
}
if ($this->isSecure()) {
$str .= '; secure';
}
if ($this->isHttpOnly()) {
$str .= '; httponly';
}
if (null !== $this->getSameSite()) {
$str .= '; samesite=' . $this->getSameSite();
}
if ($this->isPartitioned()) {
$str .= '; partitioned';
}
return $str;
}
/**
* Gets the name of the cookie.
*/
public function getName() : string {
return $this->name;
}
/**
* Gets the value of the cookie.
*/
public function getValue() : ?string {
return $this->value;
}
/**
* Gets the domain that the cookie is available to.
*/
public function getDomain() : ?string {
return $this->domain;
}
/**
* Gets the time the cookie expires.
*/
public function getExpiresTime() : int {
return $this->expire;
}
/**
* Gets the max-age attribute.
*/
public function getMaxAge() : int {
$maxAge = $this->expire - time();
return max(0, $maxAge);
}
/**
* Gets the path on the server in which the cookie will be available on.
*/
public function getPath() : string {
return $this->path;
}
/**
* Checks whether the cookie should only be transmitted over a secure HTTPS connection from the client.
*/
public function isSecure() : bool {
return $this->secure ?? $this->secureDefault;
}
/**
* Checks whether the cookie will be made accessible only through the HTTP protocol.
*/
public function isHttpOnly() : bool {
return $this->httpOnly;
}
/**
* Whether this cookie is about to be cleared.
*/
public function isCleared() : bool {
return 0 !== $this->expire && $this->expire < time();
}
/**
* Checks if the cookie value should be sent with no url encoding.
*/
public function isRaw() : bool {
return $this->raw;
}
/**
* Checks whether the cookie should be tied to the top-level site in cross-site context.
*/
public function isPartitioned() : bool {
return $this->partitioned;
}
/**
* @return self::SAMESITE_*|null
*/
public function getSameSite() : ?string {
return $this->sameSite;
}
/**
* @param bool $default The default value of the "secure" flag when it is set to null
*/
public function setSecureDefault(bool $default) : void {
$this->secureDefault = $default;
}
}Members
| Title Sort descending | Modifiers | Object type | Summary |
|---|---|---|---|
| Cookie::$expire | protected | property | |
| Cookie::$path | protected | property | |
| Cookie::$sameSite | private | property | |
| Cookie::$secureDefault | private | property | |
| Cookie::create | public static | function | |
| Cookie::expiresTimestamp | private static | function | Converts expires formats to a unix timestamp. |
| Cookie::fromString | public static | function | Creates cookie from raw header string. |
| Cookie::getDomain | public | function | Gets the domain that the cookie is available to. |
| Cookie::getExpiresTime | public | function | Gets the time the cookie expires. |
| Cookie::getMaxAge | public | function | Gets the max-age attribute. |
| Cookie::getName | public | function | Gets the name of the cookie. |
| Cookie::getPath | public | function | Gets the path on the server in which the cookie will be available on. |
| Cookie::getSameSite | public | function | |
| Cookie::getValue | public | function | Gets the value of the cookie. |
| Cookie::isCleared | public | function | Whether this cookie is about to be cleared. |
| Cookie::isHttpOnly | public | function | Checks whether the cookie will be made accessible only through the HTTP protocol. |
| Cookie::isPartitioned | public | function | Checks whether the cookie should be tied to the top-level site in cross-site context. |
| Cookie::isRaw | public | function | Checks if the cookie value should be sent with no url encoding. |
| Cookie::isSecure | public | function | Checks whether the cookie should only be transmitted over a secure HTTPS connection from the client. |
| Cookie::RESERVED_CHARS_FROM | private | constant | |
| Cookie::RESERVED_CHARS_LIST | private | constant | |
| Cookie::RESERVED_CHARS_TO | private | constant | |
| Cookie::SAMESITE_LAX | public | constant | |
| Cookie::SAMESITE_NONE | public | constant | |
| Cookie::SAMESITE_STRICT | public | constant | |
| Cookie::setSecureDefault | public | function | |
| Cookie::withDomain | public | function | Creates a cookie copy with a new domain that the cookie is available to. |
| Cookie::withExpires | public | function | Creates a cookie copy with a new time the cookie expires. |
| Cookie::withHttpOnly | public | function | Creates a cookie copy that be accessible only through the HTTP protocol. |
| Cookie::withPartitioned | public | function | Creates a cookie copy that is tied to the top-level site in cross-site context. |
| Cookie::withPath | public | function | Creates a cookie copy with a new path on the server in which the cookie will be available on. |
| Cookie::withRaw | public | function | Creates a cookie copy that uses no url encoding. |
| Cookie::withSameSite | public | function | Creates a cookie copy with SameSite attribute. |
| Cookie::withSecure | public | function | Creates a cookie copy that only be transmitted over a secure HTTPS connection from the client. |
| Cookie::withValue | public | function | Creates a cookie copy with a new value. |
| Cookie::__construct | public | function | |
| Cookie::__toString | public | function | Returns the cookie as a string. |