Cookie::domain_matches( string $domain ): boolean

In this article

Check if a cookie is valid for a given domain

Parameters

$domainstringrequired
Domain to check

Return

boolean Whether the cookie is valid for the given domain

Source

public function domain_matches($domain) {
	if (is_string($domain) === false) {
		return false;
	}

	if (!isset($this->attributes['domain'])) {
		// Cookies created manually; cookies created by Requests will set
		// the domain to the requested domain
		return true;
	}

	$cookie_domain = $this->attributes['domain'];
	if ($cookie_domain === $domain) {
		// The cookie domain and the passed domain are identical.
		return true;
	}

	// If the cookie is marked as host-only and we don't have an exact
	// match, reject the cookie
	if ($this->flags['host-only'] === true) {
		return false;
	}

	if (strlen($domain) <= strlen($cookie_domain)) {
		// For obvious reasons, the cookie domain cannot be a suffix if the passed domain
		// is shorter than the cookie domain
		return false;
	}

	if (substr($domain, -1 * strlen($cookie_domain)) !== $cookie_domain) {
		// The cookie domain should be a suffix of the passed domain.
		return false;
	}

	$prefix = substr($domain, 0, strlen($domain) - strlen($cookie_domain));
	if (substr($prefix, -1) !== '.') {
		// The last character of the passed domain that is not included in the
		// domain string should be a %x2E (".") character.
		return false;
	}

	// The passed domain should be a host name (i.e., not an IP address).
	return !preg_match('#^(.+\.)\d{1,3}\.\d{1,3}\.\d{1,3}\.\d{1,3}$#', $domain);
}

User Contributed Notes

You must log in before being able to contribute a note or feedback.