Bug: Security class sends cookies immediately, instead of coordinating with the Response class. #5406
Description
PHP Version
7.4
CodeIgniter4 Version
4.1.5
CodeIgniter4 Installation Method
Git
Which operating systems have you tested for this bug?
macOS
Which server did you use?
cli-server (PHP built-in webserver)
Database
n/a
What happened?
Originally encountered during Feature testing. Code that passed previously is now giving errors that Cannot modify header information - headers already sent by. This appears to be happening while the CSRF token is being set while calling a page using the FeatureTestTrait.
Steps to Reproduce
Create a test using FeatureTestTrait. Use that to call a page that is protected with a CSRF hash. Run test.
Expected Output
Instead of sending the cookie immediately, it should add the cookie to the Response class, which then sends all cookies out at once to protect against the possibility of sending cookies early and giving the Output already started errors.
Anything else?
This appears to require letting the Response class (or ResponseTrait?) know how to handle raw cookies, also, in order to completely remove that functionality from the Security class.
Relevant trace:
ErrorException: Cannot modify header information - headers already sent by (output started at /Users/kilishan/WebSites/personal/Bonfire2/vendor/phpunit/phpunit/src/Util/Printer.php:104)
/Users/kilishan/WebSites/personal/Bonfire2/vendor/codeigniter4/framework/system/Cookie/CookieStore.php:248
/Users/kilishan/WebSites/personal/Bonfire2/vendor/codeigniter4/framework/system/Cookie/CookieStore.php:172
/Users/kilishan/WebSites/personal/Bonfire2/vendor/codeigniter4/framework/system/Security/Security.php:521
/Users/kilishan/WebSites/personal/Bonfire2/vendor/codeigniter4/framework/system/Security/Security.php:507
/Users/kilishan/WebSites/personal/Bonfire2/vendor/codeigniter4/framework/system/Security/Security.php:493
/Users/kilishan/WebSites/personal/Bonfire2/vendor/codeigniter4/framework/system/Security/Security.php:467
/Users/kilishan/WebSites/personal/Bonfire2/vendor/codeigniter4/framework/system/Security/Security.php:188
/Users/kilishan/WebSites/personal/Bonfire2/vendor/codeigniter4/framework/system/Config/Services.php:552
/Users/kilishan/WebSites/personal/Bonfire2/vendor/codeigniter4/framework/system/Config/BaseService.php:248
/Users/kilishan/WebSites/personal/Bonfire2/vendor/codeigniter4/framework/system/Config/BaseService.php:189
/Users/kilishan/WebSites/personal/Bonfire2/vendor/codeigniter4/framework/system/Config/Services.php:547
/Users/kilishan/WebSites/personal/Bonfire2/vendor/codeigniter4/framework/system/Config/BaseService.php:248
/Users/kilishan/WebSites/personal/Bonfire2/vendor/codeigniter4/framework/system/Common.php:243
/Users/kilishan/WebSites/personal/Bonfire2/vendor/codeigniter4/framework/system/Common.php:277