QNetworkCookie Class

The QNetworkCookie class holds one network cookie. More...

Header: #include <QNetworkCookie>
CMake: find_package(Qt6 REQUIRED COMPONENTS Network)
target_link_libraries(mytarget PRIVATE Qt6::Network)
qmake: QT += network

Public Types

enum RawForm { NameAndValueOnly, Full }
(since 6.1) enum class SameSite { Default, None, Lax, Strict }

Public Functions

QNetworkCookie(const QByteArray &name = QByteArray(), const QByteArray &value = QByteArray())
QNetworkCookie(const QNetworkCookie &other)
~QNetworkCookie()
QString domain() const
QDateTime expirationDate() const
bool hasSameIdentifier(const QNetworkCookie &other) const
bool isHttpOnly() const
bool isSecure() const
bool isSessionCookie() const
QByteArray name() const
void normalize(const QUrl &url)
QString path() const
(since 6.1) QNetworkCookie::SameSite sameSitePolicy() const
void setDomain(const QString &domain)
void setExpirationDate(const QDateTime &date)
void setHttpOnly(bool enable)
void setName(const QByteArray &cookieName)
void setPath(const QString &path)
(since 6.1) void setSameSitePolicy(QNetworkCookie::SameSite sameSite)
void setSecure(bool enable)
void setValue(const QByteArray &value)
void swap(QNetworkCookie &other)
QByteArray toRawForm(QNetworkCookie::RawForm form = Full) const
QByteArray value() const
bool operator!=(const QNetworkCookie &other) const
QNetworkCookie &operator=(const QNetworkCookie &other)
bool operator==(const QNetworkCookie &other) const

Static Public Members

QList<QNetworkCookie> parseCookies(QByteArrayView cookieString)

Detailed Description

Cookies are small bits of information that stateless protocols like HTTP use to maintain some persistent information across requests.

A cookie is set by a remote server when it replies to a request and it expects the same cookie to be sent back when further requests are sent.

QNetworkCookie holds one such cookie as received from the network. A cookie has a name and a value, but those are opaque to the application (that is, the information stored in them has no meaning to the application). A cookie has an associated path name and domain, which indicate when the cookie should be sent again to the server.

A cookie can also have an expiration date, indicating its validity. If the expiration date is not present, the cookie is considered a "session cookie" and should be discarded when the application exits (or when its concept of session is over).

QNetworkCookie provides a way of parsing a cookie from the HTTP header format using the QNetworkCookie::parseCookies() function. However, when received in a QNetworkReply, the cookie is already parsed.

This class implements cookies as described by the initial cookie specification by Netscape, which is somewhat similar to the RFC 2109 specification, plus the "HttpOnly" extension. The more recent RFC 2965 specification (which uses the Set-Cookie2 header) is not supported.

See also QNetworkCookieJar, QNetworkRequest, and QNetworkReply.

Member Type Documentation

enum QNetworkCookie::RawForm

This enum is used with the toRawForm() function to declare which form of a cookie shall be returned.

ConstantValueDescription
QNetworkCookie::NameAndValueOnly0makes toRawForm() return only the "NAME=VALUE" part of the cookie, as suitable for sending back to a server in a client request's "Cookie:" header. Multiple cookies are separated by a semi-colon in the "Cookie:" header field.
QNetworkCookie::Full1makes toRawForm() return the full cookie contents, as suitable for sending to a client in a server's "Set-Cookie:" header.

Note that only the Full form of the cookie can be parsed back into its original contents.

See also toRawForm() and parseCookies().

[since 6.1] enum class QNetworkCookie::SameSite

ConstantValueDescription
QNetworkCookie::SameSite::Default0SameSite is not set. Can be interpreted as None or Lax by the browser.
QNetworkCookie::SameSite::None1Cookies can be sent in all contexts. This used to be default, but recent browsers made Lax default, and will now require the cookie to be both secure and to set SameSite=None.
QNetworkCookie::SameSite::Lax2Cookies are sent on first party requests and GET requests initiated by third party website. This is the default in modern browsers (since mid 2020).
QNetworkCookie::SameSite::Strict3Cookies will only be sent in a first-party context.

This enum was introduced in Qt 6.1.

See also setSameSitePolicy() and sameSitePolicy().

Member Function Documentation

[explicit] QNetworkCookie::QNetworkCookie(const QByteArray &name = QByteArray(), const QByteArray &value = QByteArray())

Create a new QNetworkCookie object, initializing the cookie name to name and its value to value.

A cookie is only valid if it has a name. However, the value is opaque to the application and being empty may have significance to the remote server.

QNetworkCookie::QNetworkCookie(const QNetworkCookie &other)

Creates a new QNetworkCookie object by copying the contents of other.

[noexcept] QNetworkCookie::~QNetworkCookie()

Destroys this QNetworkCookie object.

QString QNetworkCookie::domain() const

Returns the domain this cookie is associated with. This corresponds to the "domain" field of the cookie string.

Note that the domain here may start with a dot, which is not a valid hostname. However, it means this cookie matches all hostnames ending with that domain name.

See also setDomain().

QDateTime QNetworkCookie::expirationDate() const

Returns the expiration date for this cookie. If this cookie is a session cookie, the QDateTime returned will not be valid. If the date is in the past, this cookie has already expired and should not be sent again back to a remote server.

The expiration date corresponds to the parameters of the "expires" entry in the cookie string.

See also isSessionCookie() and setExpirationDate().

bool QNetworkCookie::hasSameIdentifier(const QNetworkCookie &other) const

Returns true if this cookie has the same identifier tuple as other. The identifier tuple is composed of the name, domain and path.

See also operator==().

bool QNetworkCookie::isHttpOnly() const

Returns true if the "HttpOnly" flag is enabled for this cookie.

A cookie that is "HttpOnly" is only set and retrieved by the network requests and replies; i.e., the HTTP protocol. It is not accessible from scripts running on browsers.

See also isSecure().

bool QNetworkCookie::isSecure() const

Returns true if the "secure" option was specified in the cookie string, false otherwise.

Secure cookies may contain private information and should not be resent over unencrypted connections.

See also setSecure().

bool QNetworkCookie::isSessionCookie() const

Returns true if this cookie is a session cookie. A session cookie is a cookie which has no expiration date, which means it should be discarded when the application's concept of session is over (usually, when the application exits).

See also expirationDate() and setExpirationDate().

QByteArray QNetworkCookie::name() const

Returns the name of this cookie. The only mandatory field of a cookie is its name, without which it is not considered valid.

See also setName() and value().

void QNetworkCookie::normalize(const QUrl &url)

This functions normalizes the path and domain of the cookie if they were previously empty. The url parameter is used to determine the correct domain and path.

[static] QList<QNetworkCookie> QNetworkCookie::parseCookies(QByteArrayView cookieString)

Parses the cookie string cookieString as received from a server response in the "Set-Cookie:" header. If there's a parsing error, this function returns an empty list.

Since the HTTP header can set more than one cookie at the same time, this function returns a QList<QNetworkCookie>, one for each cookie that is parsed.

Note: In Qt versions prior to 6.7, this function took QByteArray only.

See also toRawForm().

QString QNetworkCookie::path() const

Returns the path associated with this cookie. This corresponds to the "path" field of the cookie string.

See also setPath().

[since 6.1] QNetworkCookie::SameSite QNetworkCookie::sameSitePolicy() const

Returns the "SameSite" option if specified in the cookie string, SameSite::Default if not present.

This function was introduced in Qt 6.1.

See also setSameSitePolicy().

void QNetworkCookie::setDomain(const QString &domain)

Sets the domain associated with this cookie to be domain.

See also domain().

void QNetworkCookie::setExpirationDate(const QDateTime &date)

Sets the expiration date of this cookie to date. Setting an invalid expiration date to this cookie will mean it's a session cookie.

See also isSessionCookie() and expirationDate().

void QNetworkCookie::setHttpOnly(bool enable)

Sets this cookie's "HttpOnly" flag to enable.

See also isHttpOnly().

void QNetworkCookie::setName(const QByteArray &cookieName)

Sets the name of this cookie to be cookieName. Note that setting a cookie name to an empty QByteArray will make this cookie invalid.

See also name() and value().

void QNetworkCookie::setPath(const QString &path)

Sets the path associated with this cookie to be path.

See also path().

[since 6.1] void QNetworkCookie::setSameSitePolicy(QNetworkCookie::SameSite sameSite)

Sets the "SameSite" option of this cookie to sameSite.

This function was introduced in Qt 6.1.

See also sameSitePolicy().

void QNetworkCookie::setSecure(bool enable)

Sets the secure flag of this cookie to enable.

Secure cookies may contain private information and should not be resent over unencrypted connections.

See also isSecure().

void QNetworkCookie::setValue(const QByteArray &value)

Sets the value of this cookie to be value.

See also value() and name().

[noexcept] void QNetworkCookie::swap(QNetworkCookie &other)

Swaps this cookie with other. This function is very fast and never fails.

QByteArray QNetworkCookie::toRawForm(QNetworkCookie::RawForm form = Full) const

Returns the raw form of this QNetworkCookie. The QByteArray returned by this function is suitable for an HTTP header, either in a server response (the Set-Cookie header) or the client request (the Cookie header). You can choose from one of two formats, using form.

See also parseCookies().

QByteArray QNetworkCookie::value() const

Returns this cookies value, as specified in the cookie string. Note that a cookie is still valid if its value is empty.

Cookie name-value pairs are considered opaque to the application: that is, their values don't mean anything.

See also setValue() and name().

bool QNetworkCookie::operator!=(const QNetworkCookie &other) const

Returns true if this cookie is not equal to other.

See also operator==().

QNetworkCookie &QNetworkCookie::operator=(const QNetworkCookie &other)

Copies the contents of the QNetworkCookie object other to this object.

bool QNetworkCookie::operator==(const QNetworkCookie &other) const

Returns true if this cookie is equal to other. This function only returns true if all fields of the cookie are the same.

However, in some contexts, two cookies of the same name could be considered equal.

See also operator!=() and hasSameIdentifier().