WP_Http_Cookie::test( string $url )

Confirms that it’s OK to send this cookie to the URL checked against.


Description Description

Decision is based on RFC 2109/2965, so look there for details on validity.


Top ↑

Parameters Parameters

$url

(string) (Required) URL you intend to send this cookie to


Top ↑

Return Return

(bool) true if allowed, false otherwise.



Top ↑

Source Source

File: wp-includes/class-wp-http-cookie.php

	public function test( $url ) {
		if ( is_null( $this->name ) ) {
			return false;
		}

		// Expires - if expired then nothing else matters.
		if ( isset( $this->expires ) && time() > $this->expires ) {
			return false;
		}

		// Get details on the URL we're thinking about sending to.
		$url         = parse_url( $url );
		$url['port'] = isset( $url['port'] ) ? $url['port'] : ( 'https' == $url['scheme'] ? 443 : 80 );
		$url['path'] = isset( $url['path'] ) ? $url['path'] : '/';

		// Values to use for comparison against the URL.
		$path   = isset( $this->path ) ? $this->path : '/';
		$port   = isset( $this->port ) ? $this->port : null;
		$domain = isset( $this->domain ) ? strtolower( $this->domain ) : strtolower( $url['host'] );
		if ( false === stripos( $domain, '.' ) ) {
			$domain .= '.local';
		}

		// Host - very basic check that the request URL ends with the domain restriction (minus leading dot).
		$domain = substr( $domain, 0, 1 ) == '.' ? substr( $domain, 1 ) : $domain;
		if ( substr( $url['host'], -strlen( $domain ) ) != $domain ) {
			return false;
		}

		// Port - supports "port-lists" in the format: "80,8000,8080".
		if ( ! empty( $port ) && ! in_array( $url['port'], explode( ',', $port ) ) ) {
			return false;
		}

		// Path - request path must start with path restriction.
		if ( substr( $url['path'], 0, strlen( $path ) ) != $path ) {
			return false;
		}

		return true;
	}

Top ↑

Changelog Changelog

Changelog
Version Description
2.8.0 Introduced.

Top ↑

User Contributed Notes User Contributed Notes

You must log in before being able to contribute a note or feedback.