Permalink
Browse files

Addition of HttpOnly cookie support to Rack::Response

  • Loading branch information...
1 parent c03ad43 commit c7263d1181b192b0aab165e955ca058d4269cacd @scytrin scytrin committed Jan 9, 2009
Showing with 8 additions and 1 deletion.
  1. +2 −1 lib/rack/response.rb
  2. +6 −0 test/spec_rack_response.rb
View
@@ -61,12 +61,13 @@ def set_cookie(key, value)
expires = "; expires=" + value[:expires].clone.gmtime.
strftime("%a, %d-%b-%Y %H:%M:%S GMT") if value[:expires]
secure = "; secure" if value[:secure]
+ httponly = "; HttpOnly" if value[:httponly]
value = value[:value]
end
value = [value] unless Array === value
cookie = Utils.escape(key) + "=" +
value.map { |v| Utils.escape v }.join("&") +
- "#{domain}#{path}#{expires}#{secure}"
+ "#{domain}#{path}#{expires}#{secure}#{httponly}"
case self["Set-Cookie"]
when Array
@@ -69,6 +69,12 @@
response["Set-Cookie"].should.equal "foo=bar; secure"
end
+ specify "can set http only cookies" do
+ response = Rack::Response.new
+ response.set_cookie "foo", {:value => "bar", :httponly => true}
+ response["Set-Cookie"].should.equal "foo=bar; HttpOnly"
+ end
+
specify "can delete cookies" do
response = Rack::Response.new
response.set_cookie "foo", "bar"

0 comments on commit c7263d1

Please sign in to comment.