diff --git a/src/ServerResponse.php b/src/ServerResponse.php
index f7792aa36ca0d6bdf9988231854b9b61c96c77c2..2316037e285e62436a51ab4163da1db8a052daa7 100644
--- a/src/ServerResponse.php
+++ b/src/ServerResponse.php
@@ -2,7 +2,6 @@
namespace Tal;
-use Psr\Http\Message\StreamInterface;
use Tal\Psr7Extended\ServerResponseInterface;
class ServerResponse extends Response implements ServerResponseInterface
@@ -53,25 +52,53 @@ class ServerResponse extends Response implements ServerResponseInterface
public function setCookie(
$name,
$value = "",
- $expire = 0,
+ $maxAge = 0,
$path = "",
$domain = "",
$secure = false,
- $httponly = false
+ $httponly = false,
+ $sameSite = false
) {
+ if (preg_match('/[=,; \t\r\n\013\014]/', $name)) {
+ throw new \InvalidArgumentException(
+ 'Cookie names cannot contain any of the following \'=,; \t\r\n\013\014\''
+ );
+ }
+
$headerLine = sprintf('%s=%s', $name, urlencode($value));
- if ($expire) {
- $headerLine .= '; expires=' . gmdate('D, d M Y H:i:s T', time() + $expire);
- $headerLine .= '; max-age=' . $expire;
+
+ if ($maxAge) {
+ $headerLine .= '; expires=' . gmdate('D, d M Y H:i:s T', time() + $maxAge);
+ $headerLine .= '; Max-Age=' . $maxAge;
+ }
+
+ if ($path) {
+ $headerLine .= '; path=' . $path;
+ }
+
+ if ($domain) {
+ $headerLine .= '; domain=' . $domain;
}
- // @todo prepare the header with all options given
+
+ if ($secure) {
+ $headerLine .= '; secure';
+ }
+
+ if ($httponly) {
+ $headerLine .= '; HttpOnly';
+ }
+
+ if ($sameSite) {
+ $headerLine .= '; SameSite';
+ }
+
$this->addHeader('Set-Cookie', $headerLine);
return $this;
}
public function deleteCookie($name)
{
- $this->setCookie($name, 'deleted', -1);
+ $this->setCookie($name, 'deleted', 1);
return $this;
}
}