The cookie
function is generally used to create a new instance of the \Symfony\Component\HttpFoundation\Cookie
class. If the supplied $name
is null
an implementation of \Illuminate\Contracts\Cookie\Factory
(which is an instance of \Illuminate\Cookie\CookieJar
by default) is returned instead. When not being used to return a CookieJar
instance, the cookie
function makes a call to the make
method on an instance of the CookieJar
(which is resolved using the application container) using all of the supplied parameters.
#Signature
The signature of the cookie
function is:
1function cookie(
2 $name,
3 $value,
4 $minutes,
5 $path,
6 $domain,
7 $secure,
8 $httpOnly,
9 $raw,
10 $sameSite
11);
#Example Use
The following examples will demonstrate the various ways to invoke the cookie
helper function.
#Cookies and Responses
When using the cookie
function to create a cookie, it is important to remember that the function will not send the cookie to client. It will simply create the cookie and return an instance of \Symfony\Component\HttpFoundation\Cookie
.
The cookie
function defines several optional parameters:
$name
This is the name of the new cookie. The names of cookies must be unique.
$value
The value to be stored in the cookie. Cookie values can be a numeric value or a string and not more than 4KB in length.
$minutes
The number of minutes until the cookie expires. A "forever" cookie in Laravel is set to expire in five years or 2,628,000 minutes.
$path
This parameter determines which path on the site the cookie will be available on. For example, if the
$path
is set to/laravel/
, the cookie will only be available within the/laravel/
directory and all sub-directories. The cookies will also be available to any routed actions that match the path. The default value of$path
is/
, which means the cookie is available on all paths.$domain
The
$domain
parameter can be used to restrict where the cookie is available, similar to the$path
parameter. Except, instead of working on web server paths it works on the domain or sub-domain level. Setting the$domain
value toexample.com
makes the cookie available onexample.com
, as well as sub-domains above it such aswww.example.com
. Setting a cookie domain toww3.www.example.com
would make the cookie available to theww3
sub-domain and higher, but not thewww
sub-domain.To make a cookie available to all domains, prefix the domain with the
.
character. So to make a cookie available on all sub-domains ofexample.com
, set the domain to.example.com
.If no domain is specified, the request host will be used as the
$domain
value, as specified in RFC 2109 - HTTP State Management Mechanism.$secure
The
$secure
parameter determines whether or not the cookie is only sent back to the server over a HTTPS connection. If$secure
is set totrue
, the cookie will only be sent back over secure connections.$httpOnly
The
$httpOnly
parameter determines if the cookie can only be accessed with the HTTP protocol. If set totrue
, the cookie cannot be accessed by scripting languages such as JavaScript.$raw
An argument supplied to this parameter will indicate to the underlying Symfony
Cookie
object whether or not the values stored within the cookie are in their raw form. If not, theurlencode
function will be applied to the cookie's values.$sameSite
The value of the argument supplied to the
$sameSite
parameter can be used to control the cookie'ssamesite
value. This setting prevents the browser from sending the cookie with cross-site requests. If the supplied value isnull
, this flag will not be set for the cookie.The possible values for this flag are
lax
orstrict
. Setting the value tolax
, the cookie will be sent along will GET requests, such as when following links on a website. When the value is set tostrict
, the cookie will be sent along with any cross-site requests, even when following links.
The following examples highlight the basic usage of the cookie
function to create various cookies:
1// Retrieving an instance of the cookie factor.
2$factory = cookie();
3
4// Creating a cookie, with a basic value.
5$cookie = cookie(
6 'test_basic',
7 'The cookie value'
8);
9
10// Creating a HTTPS-only cookie.
11$cookie = cookie(
12 'test_secure',
13 'Value',
14 null,
15 null,
16 null,
17 true
18);
∎