Permalink
Browse files

Merge remote branch 'schwern/feature/session_secure'

  • Loading branch information...
2 parents 48b69ef + b01da94 commit ef8103847bc7b8dd624ebec851d83c868ea24a2d @kappa kappa committed Mar 11, 2011
Showing with 42 additions and 0 deletions.
  1. +4 −0 lib/Dancer/Session/Cookie.pm
  2. +38 −0 t/05-session_secure.t
@@ -80,6 +80,7 @@ sub flush {
name => $session_name,
value => $cipher_text,
path => setting("session_cookie_path") || "/",
+ secure=> setting("session_secure"),
);
$self->{id} = $cipher_text;
return 1;
@@ -172,6 +173,9 @@ invalidation of all sessions issued with the old value of key.
B<session_cookie_path> can be used to control the path of the session
cookie. The default is /.
+The global B<session_secure> setting is honoured and a secure (https
+only) cookie will be used if set.
+
=head1 DEPENDENCY
This module depends on L<Crypt::CBC>, L<Crypt::Rijndael>,
View
@@ -0,0 +1,38 @@
+#!/usr/bin/env perl
+
+use strict;
+use warnings;
+
+use Dancer ':syntax';
+use Dancer::Session::Cookie;
+
+use Test::More import => ["!pass"];
+
+plan skip_all => "Dancer::Cookie->secure not supported in this version of Dancer"
+ unless Dancer::Cookie->can("secure");
+
+plan tests => 2;
+
+my $Session_Name = Dancer::Session::Cookie->session_name;
+
+note "session_secure off"; {
+ set session_cookie_key => "secret squirrel";
+ set session => "cookie";
+ session foo => "bar";
+
+ my $session_cookie = Dancer::Cookies->cookies->{ $Session_Name };
+ ok !$session_cookie->secure;
+}
+
+
+note "session_secure on"; {
+ delete Dancer::Cookies->cookies->{ $Session_Name };
+
+ set session_secure => 1;
+ set session => "cookie";
+
+ session up => "down";
+
+ my $session_cookie = Dancer::Cookies->cookies->{ $Session_Name };
+ ok $session_cookie->secure;
+}

0 comments on commit ef81038

Please sign in to comment.