Provide support for documenting request and response cookies

[wilkinsona]

There are a couple of ways in which this could be implemented:

• By adding Cookie and Set-Cookie headers for each cookie in the request and response respectively and using the existing headers snippet
• By adding specific request cookies and response cookies snippets and a richer cookie descriptor

I'm leaning towards the latter at the moment as it would allow the details of the cookie, even if it was just the name, to be verified.

[PascaleBorscia]

Hello,

I prefer also the second implementation. A cookie is a special header and is used for special requests that require session affinity.
We use only the name in your application (identity). But I think it is interesting also to add the path and the max-age as details.

Thank-you for your prompt response.

[welcor]

I also think the second approach is most valuable. Having a "Cookie" header is no guarantee that there is a specific cookie value in it.

[clydebarrow]

Although cookie data is now available in the response object, there is no support I can see for generating snippets for cookies - i.e. I would have expected a class like ResponseCookiesSnippet to be available. Is there any progress on this?

[wilkinsona]

No progress has been made. I'm still leaning towards the latter approach, and that seems to be an opinion that's shared by you and those that have commented above. If you'd like to propose an implementation, I'd be more than happy to review a pull request.

[wilkinsona]

Closing in favour of #592.