lithium\net\http\Response::_cookies()

protected method

Render Set-Cookie headers, urlencoding invalid characters.

NOTE: Technically '+' is a valid character, but many browsers erroneously convert these to spaces, so we must escape this too.

Returns

array

Array of Set-Cookie headers or null if no cookies to set.

Source

	protected function _cookies() {
		$cookies = [];
		foreach ($this->cookies() as $name => $value) {
			if (!isset($value['value'])) {
				foreach ($value as $set) {
					$cookies[] = compact('name') + $set;
				}
			} else {
				$cookies[] = compact('name') + $value;
			}
		}
		$invalid = str_split(",; \+\t\r\n\013\014");
		$replace = array_map('rawurlencode', $invalid);
		$replace = array_combine($invalid, $replace);

		foreach ($cookies as &$cookie) {
			if (!is_scalar($cookie['value'])) {
				$message = "Non-scalar value cannot be rendered for cookie `{$cookie['name']}`";
				throw new UnexpectedValueException($message);
			}
			$value = strtr($cookie['value'], $replace);
			$header = $cookie['name'] . '=' . $value;

			if (!empty($cookie['expires'])) {
				if (is_string($cookie['expires'])) {
					$cookie['expires'] = strtotime($cookie['expires']);
				}
				$header .= '; Expires=' . gmdate('D, d-M-Y H:i:s', $cookie['expires']) . ' GMT';
			}
			if (!empty($cookie['path'])) {
				$header .= '; Path=' . strtr($cookie['path'], $replace);
			}
			if (!empty($cookie['domain'])) {
				$header .= '; Domain=' . strtr($cookie['domain'], $replace);
			}
			if (!empty($cookie['secure'])) {
				$header .= '; Secure';
			}
			if (!empty($cookie['httponly'])) {
				$header .= '; HttpOnly';
			}
			$cookie = $header;
		}
		return $cookies ?: null;
	}