如何在 Laravel 刀片文件中设置 cookie？

Question

I want to set cookies in laravel blade.php file, not in the controller. How can I set it?

Answer 1

It's front end. I suggest using JavaScript for this: https://www.w3schools.com/js/js_cookies.asp

Answer 2

Disclaimer : I will focus my answer on PHP and laravel.

Why not set in controller?

It would really help to know why you cannot / or do not want to set cookies using laravel's cookie Facade in the controller - eg. Cookie::queue , as it's very easy to do!

Here are two ways, from this source .

Via response: return response(view('welcome'))->cookie('name','value',$min);

Via Queue: Cookie::queue(Cookie::make('name','value',$min)); return view('welcome'); Cookie::queue(Cookie::make('name','value',$min)); return view('welcome');

---

Set-Cookie is a response header, not the body!

Assuming you would set these cookies in PHP , they need to come as part of a response header, and not part of the body (view). This is why you would need to set these in the controller, where you are sending a response!

If you try to use PHP functions to set cookies, you will be met with errors "headers have already been sent"

Per the docs: https://www.php.net/setcookie

setcookie() defines a cookie to be sent along with the rest of the HTTP headers. Like other headers, cookies must be sent before any output from your script (this is a protocol restriction). This requires that you place calls to this function prior to any output, including and tags as well as any whitespace.

To understand what this means, it's helpful to understand the structure of requests and responses :

Requests and Responses are made up of headers and possibly a body .

• Note: You can see these in the network tab of your browser's dev tools.

The request headers are like meta data about the request that can tell the server what kind of content is being requested, and who is requesting.

The response headers are like meta data about the response returned that can tell the server what kind of content is being delivered, how long to cache it for, associated cookies that got set.

Example Request Headers:

• Content-Type: 'application/json'
• Content-Type: 'application/pdf'
• Content-Type: 'text/html'
• Content-Type: 'text/css'
• User-Agent: 'Mozilla/5.0 (<system-information>) <platform> (<platform-details>) <extensions>'
• Authorization: 'Bearer <token>'

Example Response Headers:

• Content-Type as it may differ from what was requested
• Expires: 'Wed, 07 Sep 2022 19:26:49 GMT'
• Cross-Origin-Resource-Policy: 'cross-origin'
• Date: 'Wed, 07 Sep 2022 19:26:49 GMT'
• Content-Length: 0 ,
• Set-Cookie: test_cookie=CheckForPermission; expires=Wed, 07-Sep-2022 19:41:49 GMT; path=/; domain=.doubleclick.net; Secure; HttpOnly; SameSite=none

Notably: - Set-Cookie - tells the browser to add these cookies to application storage (you can view these in application / storage tabs in dev tools)

The response header can have Set-Cookie , not the request header. This makes sense, as usually the cookie information is going to come from the "answer" (response) to the "question" (request) by way of performing some logic, eg - this user is authenticated, here's a cookie to keep their session in place.

---

Also: Secure & HTTP only Cookies

Cookies can get set with a few options - secure only, and http only. These mean that the cookie must be Set on secure connections (https) and the http only can come from a response and cannot be overridden by JavaScript adjusting (client side)

Example of options for Laravel's Cookie::queue facade:

// $name, $value, $minutes = 0, $path = null, $domain = null, $secure = false, $httpOnly = true
Cookie::queue($name, $value, $ttl, $path, $domain, $secure, $httpOnly);

ttl = "time to live" or how long until it expires eg. 2 minutes