diff options
| author | Jiale Zhi <vipcalio@gmail.com> | 2016-06-07 11:31:38 -0700 |
|---|---|---|
| committer | Jiale Zhi <vipcalio@gmail.com> | 2016-06-07 11:31:38 -0700 |
| commit | 3edcd960ba9e3b2154cd3a24bf3e12f3a2a598a6 (patch) | |
| tree | 3b5af925ce4c600aceaef10665378a626ebd4c8a /lib/resty | |
| parent | b83165199e63eec5c7e58f489eb4ac17657e7c46 (diff) | |
| parent | 8f414390cc72da90e9a450a2127acaea247e3dda (diff) | |
| download | lua-resty-cookie-master.tar.gz lua-resty-cookie-master.tar.bz2 lua-resty-cookie-master.zip | |
Diffstat (limited to 'lib/resty')
| -rw-r--r-- | lib/resty/cookie.lua | 13 |
1 files changed, 13 insertions, 0 deletions
diff --git a/lib/resty/cookie.lua b/lib/resty/cookie.lua index 11d435f..b61877e 100644 --- a/lib/resty/cookie.lua +++ b/lib/resty/cookie.lua @@ -8,6 +8,7 @@ local sub = string.sub local format = string.format local log = ngx.log local ERR = ngx.ERR +local WARN = ngx.WARN local ngx_header = ngx.header local EQUAL = byte("=") @@ -136,6 +137,17 @@ local function bake(cookie) if cookie["max-age"] then cookie.max_age = cookie["max-age"] end + + if (cookie.samesite) then + local samesite = cookie.samesite + + -- if we dont have a valid-looking attribute, ignore the attribute + if (samesite ~= "Strict" and samesite ~= "Lax") then + log(WARN, "SameSite value must be 'Strict' or 'Lax'") + cookie.samesite = nil + end + end + local str = cookie.key .. "=" .. cookie.value .. (cookie.expires and "; Expires=" .. cookie.expires or "") .. (cookie.max_age and "; Max-Age=" .. cookie.max_age or "") @@ -143,6 +155,7 @@ local function bake(cookie) .. (cookie.path and "; Path=" .. cookie.path or "") .. (cookie.secure and "; Secure" or "") .. (cookie.httponly and "; HttpOnly" or "") + .. (cookie.samesite and "; SameSite=" .. cookie.samesite or "") .. (cookie.extension and "; " .. cookie.extension or "") return str end |