1
0
Fork 0
mirror of https://github.com/actix/actix-web.git synced 2024-11-26 11:31:09 +00:00

Add http_only flag to CookieSessionBackend

This commit is contained in:
Denis Kolodin 2018-07-23 12:29:25 +03:00
parent 4862227df9
commit b367f07d56
2 changed files with 10 additions and 1 deletions

View file

@ -6,6 +6,7 @@
* Fixed default_resource 'not yet implemented' panic #410
* Add `CookieSessionBackend::http_only` method to set `HttpOnly` directive of cookies
## [0.7.0] - 2018-07-21

View file

@ -358,6 +358,7 @@ struct CookieSessionInner {
path: String,
domain: Option<String>,
secure: bool,
http_only: bool,
max_age: Option<Duration>,
same_site: Option<SameSite>,
}
@ -371,6 +372,7 @@ impl CookieSessionInner {
path: "/".to_owned(),
domain: None,
secure: true,
http_only: true,
max_age: None,
same_site: None,
}
@ -388,7 +390,7 @@ impl CookieSessionInner {
let mut cookie = Cookie::new(self.name.clone(), value);
cookie.set_path(self.path.clone());
cookie.set_secure(self.secure);
cookie.set_http_only(true);
cookie.set_http_only(self.http_only);
if let Some(ref domain) = self.domain {
cookie.set_domain(domain.clone());
@ -532,6 +534,12 @@ impl CookieSessionBackend {
self
}
/// Sets the `http_only` field in the session cookie being built.
pub fn http_only(mut self, value: bool) -> CookieSessionBackend {
Rc::get_mut(&mut self.0).unwrap().http_only = value;
self
}
/// Sets the `same_site` field in the session cookie being built.
pub fn same_site(mut self, value: SameSite) -> CookieSessionBackend {
Rc::get_mut(&mut self.0).unwrap().same_site = Some(value);