Skip to content

Commit

Permalink
add hash, key for secure cookie.
Browse files Browse the repository at this point in the history
  • Loading branch information
Parker Park committed Aug 31, 2017
1 parent e4d1315 commit 9c7ac4f
Showing 1 changed file with 2 additions and 0 deletions.
2 changes: 2 additions & 0 deletions dp_tornado/engine/handler.py
View file
Original file line number Diff line number Diff line change
Expand Up @@ -367,6 +367,7 @@ def remote_ip(self):

def set_secure_cookie(self, name, value, expires_days=30, version=2, **kwargs):
key = self.request.headers["User-Agent"] if "User-Agent" in self.request.headers else 'unknown'
key = self.helper.security.crypto.hash.sha224(key)

if self.ini.session.ip_restricted:
key = '%s:%s' % (self.remote_ip, key)
Expand All @@ -381,6 +382,7 @@ def get_secure_cookie(self, name, value=None, max_age_days=31, min_version=None)
if secure_cookie:
try:
key = self.request.headers["User-Agent"] if "User-Agent" in self.request.headers else 'unknown'
key = self.helper.security.crypto.hash.sha224(key)

if self.ini.session.ip_restricted:
key = '%s:%s' % (self.remote_ip, key)
Expand Down

0 comments on commit 9c7ac4f

Please sign in to comment.