What is CI4's Cookie class?
Why Interviewers Ask This
Candidates at the intermediate level are expected to not only know this concept but explain the trade-offs involved. Interviewers use this question to see if you can reason about design decisions, not just recall facts.
Answer
CodeIgniter 4 provides a dedicated Cookie class for working with cookies in a secure, object-oriented way. Create a cookie: $cookie = new \CodeIgniter\Cookie\Cookie("theme", "dark", ["expires" => YEAR, "path" => "/", "secure" => true, "httponly" => true, "samesite" => "Lax"]). Set via response: $this->response->setCookie($cookie) or $this->response->setCookie("theme", "dark", YEAR). Read cookies: $this->request->getCookie("theme") or get_cookie("theme"). Delete a cookie: $this->response->deleteCookie("theme"). The Cookie class encourages security best practices: secure (HTTPS only), httponly (no JavaScript access), and samesite (CSRF protection). Configure default options in app/Config/Cookie.php. Cookie values are not encrypted by default — use CI4's Encryption service to encrypt sensitive cookie values before setting them.
Pro Tip
If you're unsure about a detail, say so honestly and explain your reasoning. Interviewers respect candidates who can think through uncertainty rather than bluffing.