Cookie Configuration
The Cookie Configuration
class provides properties to configure various aspects of cookies used in web applications, particularly for client-side cookie management. These properties allow developers to customize settings such as the save path, expiration, cookie path, domain, SameSite attribute, security flags, and more.
- Class namespace:
\App\Config\Cookie
- File path:
/app/Config/Cookie.php
- This class is marked as final and can't be subclassed
Properties
savePath
The path where session files are stored on the server.
public string $savePath = '';
expiration
The lifetime of the session in seconds.
public int $expiration = 365 * 24 * 60 * 60;
cookiePath
The path to use for the session cookie.
public string $cookiePath = '/';
cookieDomain
The domain to use for the session cookie.
public string $cookieDomain = '.localhost';
sameSite
Set the session cookie security level.
Possible attributes: None
, Lax
, Strict
public string $sameSite = 'Lax'
secure
Cookie will only be set if a secure HTTPS connection exists.
public bool $secure = false;
httpOnly
Cookie will only be accessible via HTTP(S) (no JavaScript).
public bool $httpOnly = true;
cookieRaw
This flag allows setting a 'raw' cookie, i.e., its name and value are not URL encoded using rawurlencode()
leaving the cookie as it was.
public bool $cookieRaw = false;
If this is set to
true
, cookie names should be compliant of RFC 2616's list of allowed characters.
See Reference: