Be part of JetBrains PHPverse 2026 on June 9 – a free online event bringing PHP devs worldwide together.

gevarghese's avatar

Cookie from external URL

I am new to laravel . I need to read a cookie generated by external site (which is available in my browser) on my Laravel app's custom middleware . can some one help me please

0 likes
4 replies
Thyrosis's avatar

You won't get this done with Laravel. Laravel is executed only on the server and has no persistant connection to your browser.

For cookie management, this means you'll need some help from your browser for this, possibly using jQuery or Vue. Vue seems to have a plug in for this: https://github.com/alfhen/vue-cookie .

That being said, I think you might run into a lot of difficulties trying to access a cookie from domain1 when visiting domain2. That should be pretty walled off for the obvious security issues that this brings.

However, if you have access to both domains ( so both your own site and the external site), you could use some AJAX stuff and an API from the external site to read the cookie data set by the external site, but then you need to set up your CORS security too.

KNietzsche's avatar

You can try with Curl, there are options for cookies...then you need to 'scrap' to find the cookie...I did it last week for a Yahoo financial api that changes... Some additional parameters for https links, but nothing too difficult.

exemple for a https

public function getCookie()
    {
        //echo $this->url;
        $ch = curl_init();
        curl_setopt($ch, CURLOPT_RETURNTRANSFER, 1);
        curl_setopt($ch, CURLOPT_VERBOSE, 1);
        curl_setopt($ch, CURLOPT_HEADER, 1);
        curl_setopt($ch, CURLOPT_FOLLOWLOCATION,1);
        curl_setopt($ch, CURLOPT_TIMEOUT, 60);
        curl_setopt($ch, CURLOPT_URL, $this->urlCookie); 
        curl_setopt($ch, CURLOPT_HTTPAUTH, CURLAUTH_ANY); 
        curl_setopt($ch, CURLOPT_SSL_VERIFYPEER, FALSE); 
        curl_setopt($ch, CURLOPT_SSL_VERIFYHOST, 2);
        $response = curl_exec($ch);
    
        // Then, after your curl_exec call:
        $header_size = curl_getinfo($ch, CURLINFO_HEADER_SIZE);
        $this->header = substr($response, 0, $header_size);
        $this->body = substr($response, $header_size);      
// parse header to find your cookie
        $cookie = '';
        $your_array = explode(";", $this->header);
etc

then you can read url with cookie

public function getContents($thisURL) {
        $ch = curl_init();
         
        curl_setopt($ch, CURLOPT_VERBOSE, 1);
        curl_setopt($ch, CURLOPT_HEADER, false);
        curl_setopt($ch, CURLOPT_RETURNTRANSFER,1);
        curl_setopt($ch, CURLOPT_FOLLOWLOCATION,1);
        curl_setopt($ch, CURLOPT_TIMEOUT, 60);
        curl_setopt($ch, CURLOPT_URL, $thisURL);
        curl_setopt( $ch, CURLOPT_COOKIE, $this->cookie ); 
        curl_setopt($ch, CURLOPT_SSL_VERIFYPEER, false);
        $data = curl_exec($ch);
        $errmsg  = curl_error( $ch );
        $header  = curl_getinfo( $ch );
        curl_close($ch);
        
        return $data;
    }

If not, you could use some things like Snoopy cannot help more, lol

gevarghese's avatar

why external cookies are deleted always ? cookiename=deleted; expires=Sun, 29-May-2016 16:30:53 GMT; path=/; httponly

Thyrosis's avatar

Because they typically don't need to be saved after a session ends, e.g. when a user closes the browser.

For instance, a cookie can be used for tracking a visitor across the site. When the user leaves the site, the cookie can be deleted, because the current visit is then over. Non-persistant cookies are used in these cases.

Also, cookies are often presented with the secure, httpOnly and SameSite attribute, all of which make sure that the data stored in the cookie can't be accessed by unauthorised sites or scripts.

What are you actually trying to do? Can't you forgo the cookie idea and solve your challenge in a different way?

Please or to participate in this conversation.