Nette Documentation Preview

syntax
HTTP Response
*************

.[perex]
Nette encapsulates the HTTP response into objects with an understandable API while providing a sanitization filter.

Installation:

```shell
composer require nette/http
```

An HTTP response is an [api:Nette\Http\Response] object, which you get by passing it using [dependency injection |dependency-injection:passing-dependencies]. In presenters simply call `$httpResponse = $this->getHttpResponse()`.


Nette\Http\Response
===================

Unlike [Nette\Http\Request|request], this object is mutable, so you can use setters to change the state, ie to send headers. Remember that all setters **must be called before any actual output is sent.**
The `isSent()` method tells if output have been sent. If it returns `true`, each attempt to send a header throws an `Nette\InvalidStateException` exception.


setCode(int $code, ?string $reason=null) .[method]
--------------------------------------------------
Changes a status [response code |https://www.w3.org/Protocols/rfc2616/rfc2616-sec10.html#sec10]. For better source code readability it is recommended to use [predefined constants |https://api.nette.org/2.4/Nette.Http.IResponse.html#S100_CONTINUE] instead of actual numbers.

```php
$httpResponse->setCode(Nette\Http\Response::S404_NOT_FOUND);
```


getCode(): int .[method]
------------------------
Returns the status code of the response.


isSent(): bool .[method]
------------------------
Returns whether headers have already been sent from the server to the browser, so it is no longer possible to send headers or change the status code.


setHeader(string $name, string $value) .[method]
------------------------------------------------
Sends an HTTP header and **overwrites** previously sent header of the same name.

```php
$httpResponse->setHeader('Pragma', 'no-cache');
```


addHeader(string $name, string $value) .[method]
------------------------------------------------
Sends an HTTP header and **doesn't overwrite** previously sent header of the same name.

```php
$httpResponse->addHeader('Accept', 'application/json');
$httpResponse->addHeader('Accept', 'application/xml');
```


deleteHeader(string $name) .[method]
------------------------------------
Deletes a previously sent HTTP header.


getHeader(string $header): ?string .[method]
--------------------------------------------
Returns the sent HTTP header, or `null` if it does not exist. The parameter is case-insensitive.

```php
$pragma = $httpResponse->getHeader('Pragma');
```


getHeaders(): array .[method]
-----------------------------
Returns all sent HTTP headers as associative array.

```php
$headers = $httpResponse->getHeaders();
echo $headers['Pragma'];
```


setContentType(string $type, ?string $charset=null) .[method]
-------------------------------------------------------------
Sends the header `Content-Type`.

```php
$httpResponse->setContentType('text/plain', 'UTF-8');
```


redirect(string $url, int $code=self::S302_FOUND): void .[method]
-----------------------------------------------------------------
Redirects to another URL. Don't forget to quit the script then.

```php
$httpResponse->redirect('http://example.com');
exit;
```


setExpiration(?string $time) .[method]
--------------------------------------
Sets the expiration of the HTTP document using the `Cache-Control` and `Expires` headers. The parameter is either a time interval (as text or number of seconds) or `null`, which disables caching.

```php
// browser cache expires in one hour
$httpResponse->setExpiration('1 hour');
```


setCookie(string $name, string $value, $time, ?string $path=null, ?string $domain=null, ?bool $secure=null, ?bool $httpOnly=null, ?string $sameSite=null) .[method]
-------------------------------------------------------------------------------------------------------------------------------------------------------------------
Sends a cookie. Default parameter values:

| `$path`     | `'/'`   | with scope to all paths on (sub)domain
| `$domain`   | `null`  | with scope of the current (sub)domain, but not its subdomains
| `$secure`   |         | affected by the settings in [configuration |configuration#HTTP cookie]
| `$httpOnly` | `true`  | cookie is inaccessible to JavaScript
| `$sameSite` | `null`  | flag is not specified (see [SameSite cookie|nette:glossary#SameSite cookie])

The time can be specified as number of seconds or a string:

```php
$httpResponse->setCookie('lang', 'en', '100 days');
```

The `$domain` option determines which domains (origins) can accept cookies. If not specified, the cookie is accepted by the same (sub)domain as is set by it, excluding their subdomains. If `$domain` is specified, then subdomains are also included. Therefore, specifying `$domain` is less restrictive than omitting. For example, if `$domain = 'nette.org'`, cookie is also available on all subdomains like `doc.nette.org`.


deleteCookie(string $name, ?string $path=null, ?string $domain=null, ?bool $secure=null): void .[method]
--------------------------------------------------------------------------------------------------------
Deletes a cookie. The default values ​​of the parameters are:
- `$path` with scope to all directories (`'/'`)
- `$domain` with scope of the current (sub)domain, but not its subdomains
- `$secure` is affected by the settings in [configuration#HTTP cookie]

```php
$httpResponse->deleteCookie('lang');
```

HTTP Response

Nette encapsulates the HTTP response into objects with an understandable API while providing a sanitization filter.

Installation:

composer require nette/http

An HTTP response is an Nette\Http\Response object, which you get by passing it using dependency injection. In presenters simply call $httpResponse = $this->getHttpResponse().

Nette\Http\Response

Unlike Nette\Http\Request, this object is mutable, so you can use setters to change the state, ie to send headers. Remember that all setters must be called before any actual output is sent. The isSent() method tells if output have been sent. If it returns true, each attempt to send a header throws an Nette\InvalidStateException exception.

setCode(int $code, ?string $reason=null)

Changes a status response code. For better source code readability it is recommended to use predefined constants instead of actual numbers.

$httpResponse->setCode(Nette\Http\Response::S404_NOT_FOUND);

getCode(): int

Returns the status code of the response.

isSent(): bool

Returns whether headers have already been sent from the server to the browser, so it is no longer possible to send headers or change the status code.

setHeader(string $name, string $value)

Sends an HTTP header and overwrites previously sent header of the same name.

$httpResponse->setHeader('Pragma', 'no-cache');

addHeader(string $name, string $value)

Sends an HTTP header and doesn't overwrite previously sent header of the same name.

$httpResponse->addHeader('Accept', 'application/json');
$httpResponse->addHeader('Accept', 'application/xml');

deleteHeader(string $name)

Deletes a previously sent HTTP header.

getHeader(string $header): ?string

Returns the sent HTTP header, or null if it does not exist. The parameter is case-insensitive.

$pragma = $httpResponse->getHeader('Pragma');

getHeaders(): array

Returns all sent HTTP headers as associative array.

$headers = $httpResponse->getHeaders();
echo $headers['Pragma'];

setContentType(string $type, ?string $charset=null)

Sends the header Content-Type.

$httpResponse->setContentType('text/plain', 'UTF-8');

redirect(string $url, int $code=self::S302_FOUND)void

Redirects to another URL. Don't forget to quit the script then.

$httpResponse->redirect('http://example.com');
exit;

setExpiration(?string $time)

Sets the expiration of the HTTP document using the Cache-Control and Expires headers. The parameter is either a time interval (as text or number of seconds) or null, which disables caching.

// browser cache expires in one hour
$httpResponse->setExpiration('1 hour');

setCookie(string $name, string $value, $time, ?string $path=null, ?string $domain=null, ?bool $secure=null, ?bool $httpOnly=null, ?string $sameSite=null)

Sends a cookie. Default parameter values:

$path '/' with scope to all paths on (sub)domain
$domain null with scope of the current (sub)domain, but not its subdomains
$secure   affected by the settings in configuration
$httpOnly true cookie is inaccessible to JavaScript
$sameSite null flag is not specified (see SameSite cookie)

The time can be specified as number of seconds or a string:

$httpResponse->setCookie('lang', 'en', '100 days');

The $domain option determines which domains (origins) can accept cookies. If not specified, the cookie is accepted by the same (sub)domain as is set by it, excluding their subdomains. If $domain is specified, then subdomains are also included. Therefore, specifying $domain is less restrictive than omitting. For example, if $domain = 'nette.org', cookie is also available on all subdomains like doc.nette.org.

deleteCookie(string $name, ?string $path=null, ?string $domain=null, ?bool $secure=null)void

Deletes a cookie. The default values ​​of the parameters are:

  • $path with scope to all directories ('/')
  • $domain with scope of the current (sub)domain, but not its subdomains
  • $secure is affected by the settings in configuration
$httpResponse->deleteCookie('lang');