You signed in with another tab or window. Reload to refresh your session.You signed out in another tab or window. Reload to refresh your session.You switched accounts on another tab or window. Reload to refresh your session.Dismiss alert
{{ message }}
This repository has been archived by the owner on Jan 30, 2020. It is now read-only.
Zend\Http\Header\SetCookie should allow setting the value without URL encoding it, similar to PHP's setrawcookie() function. This can be necessary for compatibility with other libraries, or when you know that all characters are safe and no escaping is necessary.
For example, a cookie whose value might contain a colon (:) is perfectly valid:
Set-Cookie:foo=a:b; Path=/
But currently it can only be set like this:
Set-Cookie:foo=a%3Ab; Path=/
API consistency considerations:
Zend\Http\Header\Cookie has a setEncodeValue() method that can be used to toggle whether cookie values are URL encoded.
SetCookie has setQuoteFieldValue() and hasQuoteFieldValue() methods. This quoting is applied to the same header component as URL encoding. In my opinion, these names are misleading, since the quoting applies only to the cookie value itself, not the entire "field value", as the term is typically used. This is only a minor concern though, as anyone familiar enough with the spec to want quotes probably knows what it does.
Adding setEncodeFieldValue() / hasEncodeFieldValue() would be consistent with the precedent set by setQuoteFieldValue(), but slightly misleading.
setEncodeValue() / getEncodeValue() are more accurate names and are consistent with the Cookie class.
setEncodeValue() / hasEncodeValue() is consistent with the "set" / "has" terminology used for SetCookie's quote methods, but doesn't make the mistake of implying the entire field value is encoded.
The text was updated successfully, but these errors were encountered:
Zend\Http\Header\SetCookie should allow setting the value without URL encoding it, similar to PHP's setrawcookie() function. This can be necessary for compatibility with other libraries, or when you know that all characters are safe and no escaping is necessary.
For example, a cookie whose value might contain a colon (
:
) is perfectly valid:But currently it can only be set like this:
API consistency considerations:
setEncodeValue()
method that can be used to toggle whether cookie values are URL encoded.setQuoteFieldValue()
andhasQuoteFieldValue()
methods. This quoting is applied to the same header component as URL encoding. In my opinion, these names are misleading, since the quoting applies only to the cookie value itself, not the entire "field value", as the term is typically used. This is only a minor concern though, as anyone familiar enough with the spec to want quotes probably knows what it does.setEncodeFieldValue()
/hasEncodeFieldValue()
would be consistent with the precedent set bysetQuoteFieldValue()
, but slightly misleading.setEncodeValue()
/getEncodeValue()
are more accurate names and are consistent with the Cookie class.setEncodeValue()
/hasEncodeValue()
is consistent with the "set" / "has" terminology used for SetCookie's quote methods, but doesn't make the mistake of implying the entire field value is encoded.The text was updated successfully, but these errors were encountered: