Class Response
Cake Response is responsible for managing the response text, status and headers of a HTTP response.
By default controllers will use this class to render their response. If you are going to use a custom response class it should subclass this object in order to ensure compatibility.
Property Summary
-
$_body protected
string
Buffer string or callable for response message
-
$_cacheDirectives protected
array
Holds all the cache directives that will be converted into headers when sending the request
-
$_charset protected
string
The charset the response body is encoded with
-
$_contentType protected
int
Content type to send. This can be an 'extension' that will be transformed using the $_mimetypes array or a complete mime-type
-
$_cookies protected
array
Holds cookies to be sent to the client
-
$_file protected
File
File object for file to be read out as response
-
$_fileRange protected
array
File range. Used for requesting ranges of files.
-
$_headers protected
array
Buffer list of headers
-
$_mimeTypes protected
array
Holds type key to mime type mappings for known mime types.
-
$_protocol protected
string
Protocol header to send to the client
-
$_status protected
int
Status code to send to the client
-
$_statusCodes protected
array
Holds HTTP response statuses
Method Summary
-
__construct() public
Constructor
-
__toString() public
String conversion. Fetches the response body as a string. Does not send headers. If body is a callable, a blank string is returned.
-
_clearBuffer() protected
Clears the contents of the topmost output buffer and discards them
-
_fileRange() protected
Apply a file range to a file and set the end offset.
-
_flushBuffer() protected
Flushes the contents of the output buffer
-
_getUTCDate() protected
Returns a DateTime object initialized at the $time param and using UTC as timezone
-
_isActive() protected
Returns true if connection is still active
-
_normalizeCorsDomains() protected
Normalize the origin to regular expressions and put in an array format
-
_sendContent() protected
Sends a content string to the client.
-
_sendFile() protected
Reads out a file, and echos the content to the client.
-
_sendHeader() protected
Sends a header to the client.
-
_setCacheControl() protected
Helper method to generate a valid Cache-Control header from the options set in other methods
-
_setContent() protected
Sets the response body to an empty text if the status code is 204 or 304
-
_setContentType() protected
Formats the Content-Type header based on the configured contentType and charset the charset will only be set in the header if the response is of type text/*
-
_setCookies() protected
Sets the cookies that have been added via Cake\Network\Response::cookie() before any other output is sent to the client. Will set the cookies in the order they have been set.
-
body() public
Buffers the response message to be sent if $content is null the current buffer is returned
-
cache() public
Sets the correct headers to instruct the client to cache the response.
-
charset() public
Sets the response charset if $charset is null the current charset is returned
-
checkNotModified() public
Checks whether a response has not been modified according to the 'If-None-Match' (Etags) and 'If-Modified-Since' (last modification date) request headers. If the response is detected to be not modified, it is marked as so accordingly so the client can be informed of that.
-
compress() public
Sets the correct output buffering handler to send a compressed response. Responses will be compressed with zlib, if the extension is available.
-
cookie() public
Getter/Setter for cookie configs
-
cors() public
Setup access for origin and methods on cross origin requests
-
disableCache() public
Sets the correct headers to instruct the client to not cache the response
-
download() public
Sets the correct headers to instruct the browser to download the response as a file.
-
etag() public
Sets the response Etag, Etags are a strong indicative that a response can be cached by a HTTP client. A bad way of generating Etags is creating a hash of the response output, instead generate a unique hash of the unique components that identifies a request, such as a modification time, a resource Id, and anything else you consider it makes it unique.
-
expires() public
Sets the Expires header for the response by taking an expiration time If called with no parameters it will return the current Expires value
-
file() public
Setup for display or download the given file.
-
getMimeType() public
Returns the mime type definition for an alias
-
header() public
Buffers a header string to be sent Returns the complete list of buffered headers
-
httpCodes() public
Queries & sets valid HTTP response codes & messages.
-
length() public
Sets the Content-Length header for the response If called with no arguments returns the last Content-Length set
-
location() public
Accessor for the location header.
-
mapType() public
Maps a content-type back to an alias
-
maxAge() public
Sets the Cache-Control max-age directive. The max-age is the number of seconds after which the response should no longer be considered a good candidate to be fetched from the local (client) cache. If called with no parameters, this function will return the current max-age value if any
-
modified() public
Sets the Last-Modified header for the response by taking a modification time If called with no parameters it will return the current Last-Modified value
-
mustRevalidate() public
Sets the Cache-Control must-revalidate directive. must-revalidate indicates that the response should not be served stale by a cache under any circumstance without first revalidating with the origin. If called with no parameters, this function will return whether must-revalidate is present.
-
notModified() public
Sets the response as Not Modified by removing any body contents setting the status code to "304 Not Modified" and removing all conflicting headers
-
outputCompressed() public
Returns whether the resulting output will be compressed by PHP
-
protocol() public
Sets the protocol to be used when sending the response. Defaults to HTTP/1.1 If called with no arguments, it will return the current configured protocol
-
send() public
Sends the complete response to the client including headers and message body. Will echo out the content in the response body.
-
sendHeaders() public
Sends the HTTP headers and cookies.
-
sharable() public
Sets whether a response is eligible to be cached by intermediate proxies This method controls the
public
orprivate
directive in the Cache-Control header -
sharedMaxAge() public
Sets the Cache-Control s-maxage directive. The max-age is the number of seconds after which the response should no longer be considered a good candidate to be fetched from a shared cache (like in a proxy server). If called with no parameters, this function will return the current max-age value if any
-
statusCode() public
Sets the HTTP status code to be sent if $code is null the current code is returned
-
stop() public
Stop execution of the current script. Wraps exit() making testing easier.
-
type() public
Sets the response content type. It can be either a file extension which will be mapped internally to a mime-type or a string representing a mime-type if $contentType is null the current content type is returned if $contentType is an associative array, content type definitions will be stored/replaced
-
vary() public
Sets the Vary header for the response, if an array is passed, values will be imploded into a comma separated string. If no parameters are passed, then an array with the current Vary header value is returned
Method Detail
__construct() ¶ public
__construct(array $options = [])
Constructor
Parameters
-
array
$options optional list of parameters to setup the response. Possible values are:
- body: the response text that should be sent to the client
- statusCodes: additional allowable response codes
- status: the HTTP status code to respond with
- type: a complete mime-type string or an extension mapped in this class
- charset: the charset for the response body
__toString() ¶ public
__toString(): string
String conversion. Fetches the response body as a string. Does not send headers. If body is a callable, a blank string is returned.
Returns
string
_clearBuffer() ¶ protected
_clearBuffer(): bool
Clears the contents of the topmost output buffer and discards them
Returns
bool
_fileRange() ¶ protected
_fileRange(Cake\Filesystem\File $file, string $httpRange): void
Apply a file range to a file and set the end offset.
If an invalid range is requested a 416 Status code will be used in the response.
Parameters
-
Cake\Filesystem\File
$file The file to set a range on.
-
string
$httpRange The range to use.
Returns
void
_flushBuffer() ¶ protected
_flushBuffer(): void
Flushes the contents of the output buffer
Returns
void
_getUTCDate() ¶ protected
_getUTCDate(string|int|DateTime|null $time = null): DateTime
Returns a DateTime object initialized at the $time param and using UTC as timezone
Parameters
-
string|int|DateTime|null
$time optional Valid time string or \DateTime instance.
Returns
DateTime
_normalizeCorsDomains() ¶ protected
_normalizeCorsDomains(array $domains, bool $requestIsSSL = false): array
Normalize the origin to regular expressions and put in an array format
Parameters
-
array
$domains Domain names to normalize.
-
bool
$requestIsSSL optional Whether it's a SSL request.
Returns
array
_sendContent() ¶ protected
_sendContent(string|callable $content): void
Sends a content string to the client.
If the content is a callable, it is invoked. The callable should either return a string or output content directly and have no return value.
Parameters
-
string|callable
$content String to send as response body or callable which returns/outputs content.
Returns
void
_sendFile() ¶ protected
_sendFile(Cake\Filesystem\File $file, array $range): bool
Reads out a file, and echos the content to the client.
Parameters
-
Cake\Filesystem\File
$file File object
-
array
$range The range to read out of the file.
Returns
bool
_sendHeader() ¶ protected
_sendHeader(string $name, string|null $value = null): void
Sends a header to the client.
Parameters
-
string
$name the header name
-
string|null
$value optional the header value
Returns
void
_setCacheControl() ¶ protected
_setCacheControl(): void
Helper method to generate a valid Cache-Control header from the options set in other methods
Returns
void
_setContent() ¶ protected
_setContent(): void
Sets the response body to an empty text if the status code is 204 or 304
Returns
void
_setContentType() ¶ protected
_setContentType(): void
Formats the Content-Type header based on the configured contentType and charset the charset will only be set in the header if the response is of type text/*
Returns
void
_setCookies() ¶ protected
_setCookies(): void
Sets the cookies that have been added via Cake\Network\Response::cookie() before any other output is sent to the client. Will set the cookies in the order they have been set.
Returns
void
body() ¶ public
body(string|callable|null $content = null): string
Buffers the response message to be sent if $content is null the current buffer is returned
Parameters
-
string|callable|null
$content optional the string or callable message to be sent
Returns
string
cache() ¶ public
cache(string $since, string $time = '+1 day'): void
Sets the correct headers to instruct the client to cache the response.
Parameters
-
string
$since a valid time since the response text has not been modified
-
string
$time optional a valid time for cache expiry
Returns
void
charset() ¶ public
charset(string|null $charset = null): string
Sets the response charset if $charset is null the current charset is returned
Parameters
-
string|null
$charset optional Character set string.
Returns
string
checkNotModified() ¶ public
checkNotModified(Cake\Network\Request $request): bool
Checks whether a response has not been modified according to the 'If-None-Match' (Etags) and 'If-Modified-Since' (last modification date) request headers. If the response is detected to be not modified, it is marked as so accordingly so the client can be informed of that.
In order to mark a response as not modified, you need to set at least the Last-Modified etag response header before calling this method. Otherwise a comparison will not be possible.
Parameters
-
Cake\Network\Request
$request Request object
Returns
bool
compress() ¶ public
compress(): bool
Sets the correct output buffering handler to send a compressed response. Responses will be compressed with zlib, if the extension is available.
Returns
bool
cookie() ¶ public
cookie(array|null $options = null): mixed
Getter/Setter for cookie configs
This method acts as a setter/getter depending on the type of the argument. If the method is called with no arguments, it returns all configurations.
If the method is called with a string as argument, it returns either the given configuration if it is set, or null, if it's not set.
If the method is called with an array as argument, it will set the cookie configuration to the cookie container.
Options (when setting a configuration)
- name: The Cookie name
- value: Value of the cookie
- expire: Time the cookie expires in
- path: Path the cookie applies to
- domain: Domain the cookie is for.
- secure: Is the cookie https?
- httpOnly: Is the cookie available in the client?
Examples
Getting all cookies
$this->cookie()
Getting a certain cookie configuration
$this->cookie('MyCookie')
Setting a cookie configuration
$this->cookie((array) $options)
Parameters
-
array|null
$options optional Either null to get all cookies, string for a specific cookie or array to set cookie.
Returns
mixed
cors() ¶ public
cors(Cake\Network\Request $request, string|array $allowedDomains, string|array $allowedMethods = [], string|array $allowedHeaders = []): void
Setup access for origin and methods on cross origin requests
This method allow multiple ways to setup the domains, see the examples
Full URI
cors($request, 'http://www.cakephp.org');
URI with wildcard
cors($request, 'http://*.cakephp.org');
Ignoring the requested protocol
cors($request, 'www.cakephp.org');
Any URI
cors($request, '*');
Whitelist of URIs
cors($request, ['http://www.cakephp.org', '*.google.com', 'https://myproject.github.io']);
Parameters
-
Cake\Network\Request
$request Request object
-
string|array
$allowedDomains List of allowed domains, see method description for more details
-
string|array
$allowedMethods optional List of HTTP verbs allowed
-
string|array
$allowedHeaders optional List of HTTP headers allowed
Returns
void
disableCache() ¶ public
disableCache(): void
Sets the correct headers to instruct the client to not cache the response
Returns
void
download() ¶ public
download(string $filename): void
Sets the correct headers to instruct the browser to download the response as a file.
Parameters
-
string
$filename The name of the file as the browser will download the response
Returns
void
etag() ¶ public
etag(string|null $hash = null, bool $weak = false): string|null
Sets the response Etag, Etags are a strong indicative that a response can be cached by a HTTP client. A bad way of generating Etags is creating a hash of the response output, instead generate a unique hash of the unique components that identifies a request, such as a modification time, a resource Id, and anything else you consider it makes it unique.
Second parameter is used to instruct clients that the content has changed, but semantically, it can be used as the same thing. Think for instance of a page with a hit counter, two different page views are equivalent, but they differ by a few bytes. This leaves off to the Client the decision of using or not the cached page.
If no parameters are passed, current Etag header is returned.
Parameters
-
string|null
$hash optional The unique hash that identifies this response
-
bool
$weak optional Whether the response is semantically the same as other with the same hash or not
Returns
string|null
expires() ¶ public
expires(string|DateTime|null $time = null): string|null
Sets the Expires header for the response by taking an expiration time If called with no parameters it will return the current Expires value
Examples:
$response->expires('now')
Will Expire the response cache now
$response->expires(new DateTime('+1 day'))
Will set the expiration in next 24 hours
$response->expires()
Will return the current expiration header value
Parameters
-
string|DateTime|null
$time optional Valid time string or \DateTime instance.
Returns
string|null
file() ¶ public
file(string $path, array $options = []): void
Setup for display or download the given file.
If $_SERVER['HTTP_RANGE'] is set a slice of the file will be returned instead of the entire file.
Options keys
- name: Alternate download name
- download: If
true
sets download header and forces file to be downloaded rather than displayed in browser
Parameters
-
string
$path Path to file. If the path is not an absolute path that resolves to a file,
APP
will be prepended to the path.-
array
$options optional Options See above.
Returns
void
Throws
Cake\Network\Exception\NotFoundException
getMimeType() ¶ public
getMimeType(string $alias): mixed
Returns the mime type definition for an alias
e.g getMimeType('pdf'); // returns 'application/pdf'
Parameters
-
string
$alias the content type alias to map
Returns
mixed
header() ¶ public
header(string|array|null $header = null, string|array|null $value = null): array
Buffers a header string to be sent Returns the complete list of buffered headers
Single header
header('Location', 'http://example.com');
Multiple headers
header(['Location' => 'http://example.com', 'X-Extra' => 'My header']);
String header
header('WWW-Authenticate: Negotiate');
Array of string headers
header(['WWW-Authenticate: Negotiate', 'Content-type: application/pdf']);
Multiple calls for setting the same header name will have the same effect as setting the header once with the last value sent for it
header('WWW-Authenticate: Negotiate');
header('WWW-Authenticate: Not-Negotiate');
will have the same effect as only doing
header('WWW-Authenticate: Not-Negotiate');
Parameters
-
string|array|null
$header optional An array of header strings or a single header string
- an associative array of "header name" => "header value" is also accepted
- an array of string headers is also accepted
-
string|array|null
$value optional The header value(s)
Returns
array
httpCodes() ¶ public
httpCodes(int|array|null $code = null): mixed
Queries & sets valid HTTP response codes & messages.
Parameters
-
int|array|null
$code optional If $code is an integer, then the corresponding code/message is returned if it exists, null if it does not exist. If $code is an array, then the keys are used as codes and the values as messages to add to the default HTTP codes. The codes must be integers greater than 99 and less than 1000. Keep in mind that the HTTP specification outlines that status codes begin with a digit between 1 and 5, which defines the class of response the client is to expect. Example:
Returns
mixed
Throws
InvalidArgumentException
If an attempt is made to add an invalid status code
length() ¶ public
length(int|null $bytes = null): int|null
Sets the Content-Length header for the response If called with no arguments returns the last Content-Length set
Parameters
-
int|null
$bytes optional Number of bytes
Returns
int|null
location() ¶ public
location(null|string $url = null): string|null
Accessor for the location header.
Get/Set the Location header value.
Parameters
-
null|string
$url optional Either null to get the current location, or a string to set one.
Returns
string|null
mapType() ¶ public
mapType(string|array $ctype): string|array|null
Maps a content-type back to an alias
e.g mapType('application/pdf'); // returns 'pdf'
Parameters
-
string|array
$ctype Either a string content type to map, or an array of types.
Returns
string|array|null
maxAge() ¶ public
maxAge(int|null $seconds = null): int|null
Sets the Cache-Control max-age directive. The max-age is the number of seconds after which the response should no longer be considered a good candidate to be fetched from the local (client) cache. If called with no parameters, this function will return the current max-age value if any
Parameters
-
int|null
$seconds optional if null, the method will return the current max-age value
Returns
int|null
modified() ¶ public
modified(string|DateTime|null $time = null): string|null
Sets the Last-Modified header for the response by taking a modification time If called with no parameters it will return the current Last-Modified value
Examples:
$response->modified('now')
Will set the Last-Modified to the current time
$response->modified(new DateTime('+1 day'))
Will set the modification date in the past 24 hours
$response->modified()
Will return the current Last-Modified header value
Parameters
-
string|DateTime|null
$time optional Valid time string or \DateTime instance.
Returns
string|null
mustRevalidate() ¶ public
mustRevalidate(bool|null $enable = null): bool
Sets the Cache-Control must-revalidate directive. must-revalidate indicates that the response should not be served stale by a cache under any circumstance without first revalidating with the origin. If called with no parameters, this function will return whether must-revalidate is present.
Parameters
-
bool|null
$enable optional if null, the method will return the current must-revalidate value. If boolean sets or unsets the directive.
Returns
bool
notModified() ¶ public
notModified(): void
Sets the response as Not Modified by removing any body contents setting the status code to "304 Not Modified" and removing all conflicting headers
Returns
void
outputCompressed() ¶ public
outputCompressed(): bool
Returns whether the resulting output will be compressed by PHP
Returns
bool
protocol() ¶ public
protocol(string|null $protocol = null): string
Sets the protocol to be used when sending the response. Defaults to HTTP/1.1 If called with no arguments, it will return the current configured protocol
Parameters
-
string|null
$protocol optional Protocol to be used for sending response.
Returns
string
send() ¶ public
send(): void
Sends the complete response to the client including headers and message body. Will echo out the content in the response body.
Returns
void
sharable() ¶ public
sharable(bool|null $public = null, int|null $time = null): bool|null
Sets whether a response is eligible to be cached by intermediate proxies
This method controls the public
or private
directive in the Cache-Control
header
Parameters
-
bool|null
$public optional If set to true, the Cache-Control header will be set as public if set to false, the response will be set to private if no value is provided, it will return whether the response is sharable or not
-
int|null
$time optional time in seconds after which the response should no longer be considered fresh
Returns
bool|null
sharedMaxAge() ¶ public
sharedMaxAge(int|null $seconds = null): int|null
Sets the Cache-Control s-maxage directive. The max-age is the number of seconds after which the response should no longer be considered a good candidate to be fetched from a shared cache (like in a proxy server). If called with no parameters, this function will return the current max-age value if any
Parameters
-
int|null
$seconds optional if null, the method will return the current s-maxage value
Returns
int|null
statusCode() ¶ public
statusCode(int|null $code = null): int
Sets the HTTP status code to be sent if $code is null the current code is returned
Parameters
-
int|null
$code optional the HTTP status code
Returns
int
Throws
InvalidArgumentException
When an unknown status code is reached.
stop() ¶ public
stop(int|string $status = 0): void
Stop execution of the current script. Wraps exit() making testing easier.
Parameters
-
int|string
$status optional See http://php.net/exit for values
Returns
void
type() ¶ public
type(string|null $contentType = null): mixed
Sets the response content type. It can be either a file extension which will be mapped internally to a mime-type or a string representing a mime-type if $contentType is null the current content type is returned if $contentType is an associative array, content type definitions will be stored/replaced
Setting the content type
type('jpg');
Returning the current content type
type();
Storing content type definitions
type(['keynote' => 'application/keynote', 'bat' => 'application/bat']);
Replacing a content type definition
type(['jpg' => 'text/plain']);
Parameters
-
string|null
$contentType optional Content type key.
Returns
mixed
vary() ¶ public
vary(string|array|null $cacheVariances = null): array|null
Sets the Vary header for the response, if an array is passed, values will be imploded into a comma separated string. If no parameters are passed, then an array with the current Vary header value is returned
Parameters
-
string|array|null
$cacheVariances optional A single Vary string or an array containing the list for variances.
Returns
array|null
Property Detail
$_cacheDirectives ¶ protected
Holds all the cache directives that will be converted into headers when sending the request
Type
array
$_contentType ¶ protected
Content type to send. This can be an 'extension' that will be transformed using the $_mimetypes array or a complete mime-type
Type
int