Documentation ¶
Overview ¶
Package cookie provides utilities for using HTTP cookies.
Index ¶
- func Delete(w http.ResponseWriter, name, domain string)
- func GetEncrypted(r *http.Request, name string, key string) (*http.Cookie, error)
- func Set(w http.ResponseWriter, name string, value string, domain string, ...)
- func SetEncrypted(r *http.Request, w http.ResponseWriter, name string, value string, ...)
Examples ¶
Constants ¶
This section is empty.
Variables ¶
This section is empty.
Functions ¶
func Delete ¶
func Delete(w http.ResponseWriter, name, domain string)
Delete removes the named cookie.
func GetEncrypted ¶ added in v0.0.11
GetEncrypted authenticates, un-encrypts and returns a copy of the named cookie.
func Set ¶
func Set( w http.ResponseWriter, name string, value string, domain string, mAge time.Duration, jsAccess bool, )
Set creates a cookie on the HTTP response.
If domain is an empty string, the cookie is set for the current host(excluding subdomains) else it is set for the given domain and its subdomains. If mAge == 0, a session cookie is created. If mAge < 0, it means delete the cookie now. If jsAccess is false, the cookie will be in-accesible to Javascript. In most cases you should set it to false(exceptions are rare, like when setting a csrf cookie)
func SetEncrypted ¶ added in v0.0.11
func SetEncrypted( r *http.Request, w http.ResponseWriter, name string, value string, domain string, mAge time.Duration, key string, )
SetEncrypted creates a cookie on the HTTP response. The cookie value(but not the name) is encrypted and authenticated using cry.Enc.
Note: While encrypted cookies can guarantee that the data has not been tampered with, that it is all there and correct, and that the clients cannot read its raw value; they cannot guarantee freshness. This means that (similar to plain-text cookies), they are still susceptible to replay attacks
Also see Set
Example ¶
package main import ( "encoding/json" "fmt" "net/http" "net/http/httptest" "time" "github.com/komuw/ong/cookie" ) type shoppingCart struct { ItemName string Price uint8 } func shoppingCartHandler() http.HandlerFunc { return func(w http.ResponseWriter, r *http.Request) { cookieName := "cart" key := "superSecret" item := shoppingCart{ItemName: "shoe", Price: 89} b, err := json.Marshal(item) if err != nil { panic(err) } cookie.SetEncrypted( r, w, cookieName, string(b), "example.com", 2*time.Hour, key, ) fmt.Fprint(w, "thanks for shopping!") } } func main() { rec := httptest.NewRecorder() req := httptest.NewRequest(http.MethodGet, "/shop", nil) shoppingCartHandler().ServeHTTP(rec, req) res := rec.Result() defer res.Body.Close() if res.StatusCode != http.StatusOK { panic("unexcpected") } fmt.Println(res.Cookies()[0].Name) }
Output: cart
Types ¶
This section is empty.