Currently the native cookie uses a list of arguments passed to setcookie. Most of these arguments are already in an array which could be passed somewhat directly to setcookie.
Passing an array directly to setcookie also allows the additional usage of the samesite option which can be used as an additional defense to csrf attacks
Example
could be made better with array_merge but that may include breaking changes.
Description
Currently the native cookie uses a list of arguments passed to
setcookie
. Most of these arguments are already in an array which could be passed somewhat directly tosetcookie
.https://github.com/cartalyst/sentinel/blob/c7420487cd82ef135ed384a75056674902b755bb/src/Cookies/NativeCookie.php#L119-L130
Passing an array directly to setcookie also allows the additional usage of the
samesite
option which can be used as an additional defense to csrf attacksExample
could be made better with
array_merge
but that may include breaking changes.