/** * Set a value in a private cookie with the given $name $value pairing. * * Sensitive cookies cannot be accessed by JS. HttpOnly will always be set to true for these cookies. * * @param string $name * @param string $value * @param SensitiveCookieMetadata $metadata * @return void * @throws FailureToSendException Cookie couldn't be sent to the browser. If this exception isn't thrown, * there is still no guarantee that the browser received and accepted the cookie. * @throws CookieSizeLimitReachedException Thrown when the cookie is too big to store any additional data. * @throws InputException If the cookie name is empty or contains invalid characters. */ public function setSensitiveCookie($name, $value, SensitiveCookieMetadata $metadata = null) { $metadataArray = $this->scope->getSensitiveCookieMetadata($metadata)->__toArray(); $metadataArray[PublicCookieMetadata::KEY_SECURE] = true; $metadataArray[PublicCookieMetadata::KEY_HTTP_ONLY] = true; $this->setCookie($name, $value, $metadataArray); }