MediaWiki master
Public Member Functions | Static Public Member Functions | List of all members
Cookie Class Reference

Cookie for HTTP requests. More...

Public Member Functions

 __construct (string $name, string $value, array $attr)
 
 serializeToHttpRequest (string $path, string $domain)
 Serialize the cookie jar into a format useful for HTTP Request headers.
 
 set (string $value, array $attr)
 Sets a cookie.
 

Static Public Member Functions

static validateCookieDomain (string $domain, ?string $originDomain=null)
 Return the true if the cookie is valid is valid.
 

Detailed Description

Cookie for HTTP requests.

Note
GPL-2.0-or-later

Definition at line 12 of file Cookie.php.

Constructor & Destructor Documentation

◆ __construct()

Cookie::__construct ( string $name,
string $value,
array $attr )

Definition at line 21 of file Cookie.php.

Member Function Documentation

◆ serializeToHttpRequest()

Cookie::serializeToHttpRequest ( string $path,
string $domain )

Serialize the cookie jar into a format useful for HTTP Request headers.

Parameters
string$pathThe path that will be used. Required.
string$domainThe domain that will be used. Required.

Definition at line 126 of file Cookie.php.

◆ set()

Cookie::set ( string $value,
array $attr )

Sets a cookie.

Used before a request to set up any individual cookies. Used internally after a request to parse the Set-Cookie headers.

Parameters
string$valueThe value of the cookie
string[]$attrPossible key/values: expires A date string path The path this cookie is used on domain Domain this cookie is used on

Definition at line 37 of file Cookie.php.

◆ validateCookieDomain()

static Cookie::validateCookieDomain ( string $domain,
?string $originDomain = null )
static

Return the true if the cookie is valid is valid.

Otherwise, false. The uses a method similar to IE cookie security described here: http://kuza55.blogspot.com/2008/02/understanding-cookie-security.html A better method might be to use a list like http://publicsuffix.org/

Todo

fixme fails to detect 3-letter top-level domains

fixme fails to detect 2-letter top-level domains for single-domain use (probably not a big problem in practice, but there are test cases)

Parameters
string$domainThe domain to validate
string | null$originDomain(optional) the domain the cookie originates from

Definition at line 71 of file Cookie.php.

The documentation for this class was generated from the following file: