comparison MoinMoin/session.py @ 4084:be4cefe2a219

secure session cookies for https, cfg.cookie_secure
author Thomas Waldmann <tw AT waldmann-edv DOT de>
date Fri, 12 Sep 2008 22:01:46 +0200
parents 68da15c7eeec
children afd75bb5f345
comparison
equal deleted inserted replaced
4083:d6a1f2c37f09 4084:be4cefe2a219
316 if not path: 316 if not path:
317 path = '/' 317 path = '/'
318 cookie[cookie_name]['path'] = path 318 cookie[cookie_name]['path'] = path
319 # Set expires for older clients 319 # Set expires for older clients
320 cookie[cookie_name]['expires'] = request.httpDate(when=expires, rfc='850') 320 cookie[cookie_name]['expires'] = request.httpDate(when=expires, rfc='850')
321 # a secure cookie is not transmitted over unsecure connections:
322 if (cfg.cookie_secure or # True means: force secure cookies
323 cfg.cookie_secure is None and request.is_ssl): # None means: https -> secure cookie
324 cookie[cookie_name]['secure'] = True
321 return cookie.output() 325 return cookie.output()
322 326
323 def _set_cookie(self, request, cookie_string, expires): 327 def _set_cookie(self, request, cookie_string, expires):
324 """ Set cookie, raw helper. """ 328 """ Set cookie, raw helper. """
325 lifetime = int(expires - time.time()) 329 lifetime = int(expires - time.time())