WP_Http_Cookie::test( string $url )

Confirms that it’s OK to send this cookie to the URL checked against.

Description

Decision is based on RFC 2109/2965, so look there for details on validity.

Parameters

$url

(string) (Required) URL you intend to send this cookie to

Return

(bool) true if allowed, false otherwise.

Source

File: wp-includes/class-wp-http-cookie.php

public function test( $url ) {
		if ( is_null( $this->name ) ) {
			return false;
		}

		// Expires - if expired then nothing else matters.
		if ( isset( $this->expires ) && time() > $this->expires ) {
			return false;
		}

		// Get details on the URL we're thinking about sending to.
		$url         = parse_url( $url );
		$url['port'] = isset( $url['port'] ) ? $url['port'] : ( 'https' === $url['scheme'] ? 443 : 80 );
		$url['path'] = isset( $url['path'] ) ? $url['path'] : '/';

		// Values to use for comparison against the URL.
		$path   = isset( $this->path ) ? $this->path : '/';
		$port   = isset( $this->port ) ? $this->port : null;
		$domain = isset( $this->domain ) ? strtolower( $this->domain ) : strtolower( $url['host'] );
		if ( false === stripos( $domain, '.' ) ) {
			$domain .= '.local';
		}

		// Host - very basic check that the request URL ends with the domain restriction (minus leading dot).
		$domain = ( '.' === substr( $domain, 0, 1 ) ) ? substr( $domain, 1 ) : $domain;
		if ( substr( $url['host'], -strlen( $domain ) ) != $domain ) {
			return false;
		}

		// Port - supports "port-lists" in the format: "80,8000,8080".
		if ( ! empty( $port ) && ! in_array( $url['port'], array_map( 'intval', explode( ',', $port ) ), true ) ) {
			return false;
		}

		// Path - request path must start with path restriction.
		if ( substr( $url['path'], 0, strlen( $path ) ) != $path ) {
			return false;
		}

		return true;
	}

Changelog

Version Description
2.8.0 Introduced.

© 2003–2021 WordPress Foundation
Licensed under the GNU GPLv2+ License.
https://developer.wordpress.org/reference/classes/wp_http_cookie/test