Module for Nginx which allows to set the flags "HttpOnly", "secure" and "SameSite" for cookies.
Switch branches/tags
Nothing to show
Clone or download
AirisX Merge pull request #6 from AirisX/fix/readme
Minor fix in README.md
Latest commit c4ff449 Dec 19, 2017
Permalink
Failed to load latest commit information.
LICENSE Initial commit Mar 17, 2017
README.md Minor fix in README.md Dec 19, 2017
config Initial commit Mar 17, 2017
ngx_http_cookie_flag_filter_module.c Added support for the flag SameSite Apr 28, 2017

README.md

The Nginx module for adding cookie flag

License

The Nginx module for adding cookie flag

Dependencies

Compatibility

  • 1.11.x (last tested: 1.11.2)

Earlier versions is not tested.

Installation

  1. Clone the git repository.
git clone git://github.com:AirisX/nginx_cookie_flag_module.git
  1. Add the module to the build configuration by adding --add-module=/path/to/nginx_cookie_flag_module or --add-dynamic-module=/path/to/nginx_cookie_flag_module

  2. Build the nginx binary.

  3. Install the nginx binary.

Synopsis

location / {
    set_cookie_flag Secret HttpOnly secure SameSite;
    set_cookie_flag * HttpOnly;
    set_cookie_flag SessionID SameSite=Lax secure;
    set_cookie_flag SiteToken SameSite=Strict;
}

Description

This module for Nginx allows to set the flags "HttpOnly", "secure" and "SameSite" for cookies in the "Set-Cookie" upstream response headers. The register of letters for the flags doesn't matter as it will be converted to the correct value. The order of cookie declaration among multiple directives doesn't matter too. It is possible to set a default value using symbol "*". In this case flags will be added to the all cookies if no other value for them is overriden.

Directives

set_cookie_flag

- -
Syntax set_cookie_flag <cookie_name|*> [HttpOnly] [secure] [SameSite|SameSite=[Lax|Strict]];
Default -
Context server, location

Description: Add flag to desired cookie.

Author

Anton Saraykin [Airisenator@gmail.com]