Cake\Controller\Component\CsrfComponent::_setCookie PHP Method

CsrfComponent Class Documentation Show file Open project: cakephp/cakephp

_setCookie() protected method

Also sets the request->params['_csrfToken'] so the newly minted token is available in the request data.

protected _setCookie ( Cake\Network\Request $request, Response $response ) : void
$request	Cake\Network\Request	The request object.
$response	Cake\Network\Response	The response object.
return	void

    protected function _setCookie(Request $request, Response $response)
    {
        $expiry = new Time($this->_config['expiry']);
        $value = hash('sha512', Security::randomBytes(16), false);
        $request->params['_csrfToken'] = $value;
        $response->cookie(['name' => $this->_config['cookieName'], 'value' => $value, 'expire' => $expiry->format('U'), 'path' => $request->webroot, 'secure' => $this->_config['secure'], 'httpOnly' => $this->_config['httpOnly']]);
    }

CsrfComponent

_setCookie

_validateToken

implementedEvents

startup