I'm trying to modify the example provided for signing a url to signing a cookie.

When the $base64UrlKey is decoded, the base64url_decode method is passed a 2nd parameter of true. However the method signature only has one parameter, the string to decode.
What is the boolean supposed to signify?
I had guessed that it was meant to be passed to base64_decode as the second parameter, indicating whether or not the strict rule should apply.

I am having an issue with Chrome where "=" and ":" are being encoded to ascii, and this is causing the cookie to fail. If I change the escaped values, %3D or %3A, back to the literal values then the cookie works. (Unrelated to the issue with base64url_decode)

// Decode the key
$decodedKey = base64url_decode($base64UrlKey, true); // <-- 2nd parameter?

/**
 * Decodes base64url (RFC4648 Section 5) string
 *
 * @param string $input base64url encoded string
 *
 * @return string
 */
function base64url_decode($input) // <- no 2nd boolean parameter
{
    $input .= str_repeat('=', (4 - strlen($input) % 4) % 4);
    return base64_decode(strtr($input, '-_', '+/'));
}