-
Notifications
You must be signed in to change notification settings - Fork 0
Cookies
PHP won't finish the HTTP header until the script produces any output so cookies can be defined only before any output is done.
Having RequestResponses delay the output until the end of the application logic permits for cookies to be defined at any point before that.
Usually cookies are rather data oriented than uri location oriented, and as such i recommend handling your cookie logic inside your ORM models.
You should be careful, as defining or modifying cookies is indeed header modification, and one that bypasses the RequestResponse system. Usually this is good - you want your user to get signed in when you do a mock-call to your sign-in API.
Still, you should keep this in mind and document any cookie modifications that your request handlers may do.