Class yii\web\Cookie

All Classes | Properties | Methods | Constants

Inheritance	yii\web\Cookie » yii\base\BaseObject
Implements	yii\base\Configurable
Available since version	2.0
Source Code	https://github.com/yiisoft/yii2/blob/master/framework/web/Cookie.php

Cookie represents information related with a cookie, such as $name, $value, $domain, etc.

For more details and usage information on Cookie, see the guide article on handling cookies.

Public Properties

Hide inherited properties

Property	Type	Description	Defined By
$domain	string	Domain of the cookie	yii\web\Cookie
$expire	integer	The timestamp at which the cookie expires.	yii\web\Cookie
$httpOnly	boolean	Whether the cookie should be accessible only through the HTTP protocol.	yii\web\Cookie
$name	string	Name of the cookie	yii\web\Cookie
$path	string	The path on the server in which the cookie will be available on.	yii\web\Cookie
$sameSite	string	SameSite prevents the browser from sending this cookie along with cross-site requests.	yii\web\Cookie
$secure	boolean	Whether cookie should be sent via secure connection	yii\web\Cookie
$value	string	Value of the cookie	yii\web\Cookie

Public Methods

Hide inherited methods

Method	Description	Defined By
__call()	Calls the named method which is not a class method.	yii\base\BaseObject
__construct()	Constructor.	yii\base\BaseObject
__get()	Returns the value of an object property.	yii\base\BaseObject
__isset()	Checks if a property is set, i.e. defined and not null.	yii\base\BaseObject
__set()	Sets value of an object property.	yii\base\BaseObject
__toString()	Magic method to turn a cookie object into a string without having to explicitly access $value.	yii\web\Cookie
__unset()	Sets an object property to null.	yii\base\BaseObject
canGetProperty()	Returns a value indicating whether a property can be read.	yii\base\BaseObject
canSetProperty()	Returns a value indicating whether a property can be set.	yii\base\BaseObject
className()	Returns the fully qualified name of this class.	yii\base\BaseObject
hasMethod()	Returns a value indicating whether a method is defined.	yii\base\BaseObject
hasProperty()	Returns a value indicating whether a property is defined.	yii\base\BaseObject
init()	Initializes the object.	yii\base\BaseObject

Constants

Hide inherited constants

Constant	Value	Description	Defined By
SAME_SITE_LAX	'Lax'	SameSite policy Lax will prevent the cookie from being sent by the browser in all cross-site browsing context during CSRF-prone request methods (e.g. POST, PUT, PATCH etc). E.g. a POST request from https://otherdomain.com to https://yourdomain.com will not include the cookie, however a GET request will. When a user follows a link from https://otherdomain.com to https://yourdomain.com it will include the cookie	yii\web\Cookie
SAME_SITE_STRICT	'Strict'	SameSite policy Strict will prevent the cookie from being sent by the browser in all cross-site browsing context regardless of the request method and even when following a regular link. E.g. a GET request from https://otherdomain.com to https://yourdomain.com or a user following a link from https://otherdomain.com to https://yourdomain.com will not include the cookie.	yii\web\Cookie

Property Details

$domain public property

Domain of the cookie

public string $domain = ''

$expire public property

The timestamp at which the cookie expires. This is the server timestamp. Defaults to 0, meaning "until the browser is closed".

public integer $expire = 0

$httpOnly public property

Whether the cookie should be accessible only through the HTTP protocol. By setting this property to true, the cookie will not be accessible by scripting languages, such as JavaScript, which can effectively help to reduce identity theft through XSS attacks.

public boolean $httpOnly = true

$name public property

Name of the cookie

public string $name = null

$path public property

The path on the server in which the cookie will be available on. The default is '/'.

public string $path = '/'

$sameSite public property (available since version 2.0.21)

SameSite prevents the browser from sending this cookie along with cross-site requests. Please note that this feature is only supported since PHP 7.3.0 For better security, an exception will be thrown if sameSite is set while using an unsupported version of PHP. To use this feature across different PHP versions check the version first. E.g. `php $cookie->sameSite = PHP_VERSION_ID >= 70300 ? yii\web\Cookie::SAME_SITE_LAX : null, ` See https://www.owasp.org/index.php/SameSite for more information about sameSite.

public string $sameSite = null

$secure public property

Whether cookie should be sent via secure connection

public boolean $secure = false

$value public property

Value of the cookie

public string $value = ''

Method Details

__toString() public method

Magic method to turn a cookie object into a string without having to explicitly access $value.

if (isset($request->cookies['name'])) {
    $value = (string) $request->cookies['name'];
}

public string __toString ( )
return	string	The value of the cookie. If the value property is null, an empty string will be returned.