/**
* Validate the request data against the cookie token.
*
* @param \Cake\Network\Request $request The request to validate against.
* @throws \Cake\Network\Exception\InvalidCsrfTokenException when the CSRF token is invalid or missing.
* @return void
*/
protected function _validateToken(Request $request)
{
$cookie = $request->cookie($this->_config['cookieName']);
$post = $request->data($this->_config['field']);
$header = $request->header('X-CSRF-Token');
if (empty($cookie)) {
throw new InvalidCsrfTokenException(__d('cake', 'Missing CSRF token cookie'));
}
if ($post !== $cookie && $header !== $cookie) {
throw new InvalidCsrfTokenException(__d('cake', 'CSRF token mismatch.'));
}
}
/**
* Validate the request data against the cookie token.
*
* @param \Cake\Network\Request $request The request to validate against.
* @throws \Cake\Network\Exception\ForbiddenException when the CSRF token is invalid or missing.
* @return void
*/
protected function _validateToken(Request $request)
{
$cookie = $request->cookie($this->_config['cookieName']);
$post = $request->data($this->_config['field']);
$header = $request->header('X-CSRF-Token');
if ($post !== $cookie && $header !== $cookie) {
throw new ForbiddenException(__d('cake', 'Invalid CSRF token.'));
}
}
/**
* Test the cookie() method.
*
* @return void
*/
public function testReadCookie()
{
$request = new Request(['cookies' => ['testing' => 'A value in the cookie']]);
$result = $request->cookie('testing');
$this->assertEquals('A value in the cookie', $result);
$result = $request->cookie('not there');
$this->assertNull($result);
}
/**
* Read the value of the $_COOKIE[$key];
*
* Optional [Name.], required key
* $this->Cookie->read(Name.key);
*
* @param string $key Key of the value to be obtained. If none specified, obtain map key => values
* @return string or null, value for specified key
* @link http://book.cakephp.org/2.0/en/core-libraries/components/cookie.html#CookieComponent::read
*/
public function read($key = null)
{
$cookieName = $this->config('name');
$values = $this->_request->cookie($cookieName);
if (empty($this->_values[$cookieName]) && $values) {
$this->_values[$cookieName] = $this->_decrypt($values);
}
if (empty($this->_values[$cookieName])) {
$this->_values[$cookieName] = array();
}
if ($key === null) {
return $this->_values[$cookieName];
}
if (strpos($key, '.') !== false) {
$names = explode('.', $key, 2);
$key = $names[0];
}
if (!isset($this->_values[$cookieName][$key])) {
return null;
}
if (!empty($names[1])) {
return Hash::get($this->_values[$cookieName][$key], $names[1]);
}
return $this->_values[$cookieName][$key];
}
