Project author: polymorphine

Project description:
HTTP Response headers middleware
Language: PHP
Repository: git://github.com/polymorphine/headers.git
Created: 2021-03-07T02:00:33Z
Project community: https://github.com/polymorphine/headers

License: MIT License


Polymorphine/Headers

HTTP Response headers middleware

Installation with Composer

    composer require polymorphine/headers

Basic usage

  1. Instantiate a cookie builder using ResponseHeaders context:

         $headers = new ResponseHeaders();
         $cookieSetup = new CookieSetup($headers);

     Alternatively, instantiating CookieSetup is possible with ResponseHeaders method:

         $cookieSetup = $headers->cookieSetup();

  2. Configure cookie with array of its directives/attributes
     (see CookieSetup::directives() method):

         $cookieSetup->directives([
             'Domain' => 'example.com',
             'Path' => '/admin',
             'Expires' => new DateTime(...),
             'MaxAge' => 1234,
             'Secure' => true,
             'HttpOnly' => true,
             'SameSite' => 'Strict'
         ]);

     Modifying setup object is also possible with its builder methods:

         $cookieSetup->domain('example.com')
                     ->path('/admin')
                     ->expires(new DateTime(...))
                     ->maxAge(1234)
                     ->secure()
                     ->httpOnly()
                     ->sameSite('Strict');

  3. Instantiate Cookie type object with its name:

         $cookie = $cookieSetup->cookie('MyCookie');

  4. Send value:

         $cookie->send('value');

     or order the cookie to be revoked, so that it is not sent with future requests:

         $cookie->revoke();

     Each cookie can send or revoke its header only once.

Directives and Attributes

Directives are used according to the RFC 6265
section about Set-Cookie header attributes (except the relatively new SameSite directive). Their
description can also be found at Mozilla Developer Network.
A concise description with additional class logic is given in the docBlocks of the mutator methods
of the CookieSetup class.

Here are some class-specific rules for setting those directives:

  • Empty values and root path (/) might be omitted as they’re the same as the defaults.
  • SameSite allowed values are Strict or Lax, but Lax will be set for any other non-empty value given.
  • Expires and MaxAge are different ways to set the same cookie’s expiry date.
    If both directives are passed into the constructor or the directivesArray() method,
    the last value will be used due to overwrite.
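
The rules above, traced through to a header line. This is an added example, not code from polymorphine/headers: `setCookieHeader()` is a hypothetical stand-alone helper, the clock value is constructed, and emitting an explicit `Path` plus both `Expires` and `Max-Age` is this sketch's own choice. The sample call passes both expiry directives and an unrecognised SameSite value to exercise the overwrite and fallback rules.

```php
<?php
declare(strict_types=1);

// Added illustration, NOT polymorphine/headers code: setCookieHeader() is a
// hypothetical helper applying the directive rules listed above.
function setCookieHeader(string $name, string $value, array $directives, int $now): string
{
    $known = ['Domain', 'Path', 'Expires', 'MaxAge', 'Secure', 'HttpOnly', 'SameSite'];
    if ($unknown = array_diff(array_keys($directives), $known)) {
        throw new InvalidArgumentException('Unknown directive: ' . implode(', ', $unknown));
    }
    $expiry = null;
    foreach ($directives as $key => $val) { // array order decides which expiry wins
        if ($key === 'Expires' && $val instanceof DateTimeInterface) {
            $expiry = $val->getTimestamp();
        } elseif ($key === 'MaxAge' && $val) {
            $expiry = $now + (int) $val;
        }
    }
    $parts = [$name . '=' . rawurlencode($value)];
    if (!empty($directives['Domain'])) {
        $parts[] = 'Domain=' . $directives['Domain'];
    }
    // Assumption of this sketch: Path is always written out and defaults to "/".
    $parts[] = 'Path=' . (empty($directives['Path']) ? '/' : $directives['Path']);
    if ($expiry !== null) {
        $parts[] = 'Expires=' . gmdate('D, d M Y H:i:s', $expiry) . ' GMT';
        if ($expiry > $now) { // RFC 6265 server grammar: Max-Age is a positive integer
            $parts[] = 'Max-Age=' . ($expiry - $now);
        }
    }
    foreach (['Secure', 'HttpOnly'] as $flag) {
        if (!empty($directives[$flag])) { // empty/false value: flag stays off
            $parts[] = $flag;
        }
    }
    if (!empty($directives['SameSite'])) { // anything other than Strict becomes Lax
        $parts[] = 'SameSite=' . ($directives['SameSite'] === 'Strict' ? 'Strict' : 'Lax');
    }
    return 'Set-Cookie: ' . implode('; ', $parts);
}

$now = 1700000000; // constructed fixed clock so the output is reproducible
echo setCookieHeader('MyCookie', 'value', [
    'Path' => '/', 'Expires' => new DateTime('@1600000000'), 'MaxAge' => 1234,
    'Secure' => true, 'HttpOnly' => true, 'SameSite' => 'anything',
], $now), PHP_EOL;
```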

CookieSetup has two alternative methods for creating a Cookie instance: CookieSetup::permanentCookie() and
CookieSetup::sessionCookie().

  • Permanent constructor sets long (5 years) expiry values (Expires and MaxAge).
  • Session constructor sets security directives (HttpOnly and SameSite=Lax).