mirror of https://git.kore.io/kore.git
Change default http_cookie behaviour.
We now default to httponly & secure for newly created cookies. This should've been the default all along. The http_response_cookie() no longer returns a pointer to http_cookie but rather takes it as a parameter and will populate the pointer with the newly created http_cookie if not NULL. Additionally http_response_cookie() automatically sets the domain based on the http_request passed into the function.
This commit is contained in:
parent
c87a9286b4
commit
3d24b65268
|
@ -37,14 +37,12 @@ serve_cookies(struct http_request *req)
|
|||
kore_log(LOG_DEBUG, "Got formatted: %s", value);
|
||||
|
||||
/* set simple cookie */
|
||||
http_response_cookie(req, "Simple", "Hello World!", 0);
|
||||
http_response_cookie(req, "Simple", "Hello World!", NULL);
|
||||
|
||||
/* set complex cookie */
|
||||
cookie = http_response_cookie(req, "Complex", "Secure Value!",
|
||||
HTTP_COOKIE_HTTPONLY | HTTP_COOKIE_SECURE);
|
||||
cookie ->path = kore_strdup("/secure");
|
||||
http_response_cookie(req, "Complex", "Secure Value!", &cookie);
|
||||
cookie->path = kore_strdup("/secure");
|
||||
cookie->expires = time(NULL) + 1 * 60 * 60;
|
||||
cookie->domain = kore_strdup(req->host);
|
||||
|
||||
/* set formatted cookie */
|
||||
http_response_header(req, "set-cookie",
|
||||
|
|
|
@ -259,17 +259,17 @@ void http_response_stream(struct http_request *, int, void *,
|
|||
size_t, int (*cb)(struct netbuf *), void *);
|
||||
int http_request_header(struct http_request *,
|
||||
const char *, char **);
|
||||
int http_request_cookie(struct http_request *,
|
||||
const char *, char **);
|
||||
void http_response_header(struct http_request *,
|
||||
const char *, const char *);
|
||||
struct http_cookie *http_response_cookie(struct http_request *,
|
||||
char *, char *, u_int16_t);
|
||||
int http_request_new(struct connection *, const char *,
|
||||
const char *, const char *, const char *,
|
||||
struct http_request **);
|
||||
int http_state_run(struct http_state *, u_int8_t,
|
||||
struct http_request *);
|
||||
int http_request_cookie(struct http_request *,
|
||||
const char *, char **);
|
||||
void http_response_cookie(struct http_request *,
|
||||
const char *, const char *, struct http_cookie **);
|
||||
|
||||
int http_argument_urldecode(char *);
|
||||
int http_header_recv(struct netbuf *);
|
||||
|
|
13
src/http.c
13
src/http.c
|
@ -1017,9 +1017,9 @@ http_file_rewind(struct http_file *file)
|
|||
file->offset = 0;
|
||||
}
|
||||
|
||||
struct http_cookie *
|
||||
http_response_cookie(struct http_request *req, char *name, char *val,
|
||||
u_int16_t flags)
|
||||
void
|
||||
http_response_cookie(struct http_request *req, const char *name,
|
||||
const char *val, struct http_cookie **out)
|
||||
{
|
||||
struct http_cookie *ck;
|
||||
|
||||
|
@ -1031,14 +1031,15 @@ http_response_cookie(struct http_request *req, char *name, char *val,
|
|||
ck->expires = 0;
|
||||
ck->maxage = -1;
|
||||
ck->path = NULL;
|
||||
ck->domain = NULL;
|
||||
ck->flags = flags;
|
||||
ck->name = kore_strdup(name);
|
||||
ck->value = kore_strdup(val);
|
||||
ck->domain = kore_strdup(req->host);
|
||||
ck->flags = HTTP_COOKIE_HTTPONLY | HTTP_COOKIE_SECURE;
|
||||
|
||||
TAILQ_INSERT_TAIL(&(req->resp_cookies), ck, list);
|
||||
|
||||
return (ck);
|
||||
if (out != NULL)
|
||||
*out = ck;
|
||||
}
|
||||
|
||||
void
|
||||
|
|
Loading…
Reference in New Issue