1
0
mirror of https://github.com/actix/actix-extras.git synced 2024-12-01 02:44:37 +01:00

Merge pull request #415 from DenisKolodin/cookie-http-only

Add http_only flag to CookieSessionBackend
This commit is contained in:
Nikolay Kim 2018-07-23 02:54:23 -07:00 committed by GitHub
commit f5347ec897
No known key found for this signature in database
GPG Key ID: 4AEE18F83AFDEB23
2 changed files with 10 additions and 1 deletions

View File

@ -6,6 +6,7 @@
* Fixed default_resource 'not yet implemented' panic #410 * Fixed default_resource 'not yet implemented' panic #410
* Add `CookieSessionBackend::http_only` method to set `HttpOnly` directive of cookies
## [0.7.0] - 2018-07-21 ## [0.7.0] - 2018-07-21

View File

@ -358,6 +358,7 @@ struct CookieSessionInner {
path: String, path: String,
domain: Option<String>, domain: Option<String>,
secure: bool, secure: bool,
http_only: bool,
max_age: Option<Duration>, max_age: Option<Duration>,
same_site: Option<SameSite>, same_site: Option<SameSite>,
} }
@ -371,6 +372,7 @@ impl CookieSessionInner {
path: "/".to_owned(), path: "/".to_owned(),
domain: None, domain: None,
secure: true, secure: true,
http_only: true,
max_age: None, max_age: None,
same_site: None, same_site: None,
} }
@ -388,7 +390,7 @@ impl CookieSessionInner {
let mut cookie = Cookie::new(self.name.clone(), value); let mut cookie = Cookie::new(self.name.clone(), value);
cookie.set_path(self.path.clone()); cookie.set_path(self.path.clone());
cookie.set_secure(self.secure); cookie.set_secure(self.secure);
cookie.set_http_only(true); cookie.set_http_only(self.http_only);
if let Some(ref domain) = self.domain { if let Some(ref domain) = self.domain {
cookie.set_domain(domain.clone()); cookie.set_domain(domain.clone());
@ -532,6 +534,12 @@ impl CookieSessionBackend {
self self
} }
/// Sets the `http_only` field in the session cookie being built.
pub fn http_only(mut self, value: bool) -> CookieSessionBackend {
Rc::get_mut(&mut self.0).unwrap().http_only = value;
self
}
/// Sets the `same_site` field in the session cookie being built. /// Sets the `same_site` field in the session cookie being built.
pub fn same_site(mut self, value: SameSite) -> CookieSessionBackend { pub fn same_site(mut self, value: SameSite) -> CookieSessionBackend {
Rc::get_mut(&mut self.0).unwrap().same_site = Some(value); Rc::get_mut(&mut self.0).unwrap().same_site = Some(value);