|
Wt
4.14.0
|
An HTTP Cookie with the "__Host-" prefix. More...
#include <Wt/Http/HostCookie.h>
Public Member Functions | |
| HostCookie (const std::string &name) | |
| Constructor for a host cookie without value. | |
| HostCookie (const std::string &name, const std::string &value, const Wt::WDateTime &expires) | |
| Constructor for a host cookie that expires at a certain datetime. | |
| HostCookie (const std::string &name, const std::string &value, const std::chrono::seconds &maxAge) | |
| Constructor for a host cookie that expires after certain duration. | |
| std::string | logicName () const |
| Returns name of the cookie without the prefix. | |
| void | setSecure (bool secure) override |
| Logs a warning. | |
| void | setPath (const std::string &path) override |
| Logs a warning. | |
| void | setDomain (const std::string &domain) override |
| Logs a warning. | |
Public Member Functions inherited from Wt::Http::Cookie | |
| Cookie (const std::string &name) | |
| Constructor for cookie without value. | |
| Cookie (const std::string &name, const std::string &value, const Wt::WDateTime &expires) | |
| Constructor for a cookie that expires at a certain datetime. | |
| Cookie (const std::string &name, const std::string &value, const std::chrono::seconds &maxAge) | |
| Constructor for a cookie that expires after certain duration. | |
| const std::string & | name () const |
| The cookie name. | |
| void | setValue (const std::string &value) |
| Sets the cookie value. | |
| const std::string & | value () const |
| The cookie value. | |
| void | setExpires (const Wt::WDateTime &expires) |
| Sets when the cookie will expire. | |
| const Wt::WDateTime & | expires () const |
| The cookie expiration. | |
| void | setMaxAge (const std::chrono::seconds &maxAge) |
| Sets the cookie's Max-Age. | |
| const std::chrono::seconds & | maxAge () const |
| The cookie's Max-Age. | |
| const std::string & | domain () const |
| The cookie domain. | |
| const std::string & | path () const |
| The cookie path. | |
| bool | secure () const |
| Returns if the cookie must be sent over secure connection. | |
| void | setHttpOnly (bool httpOnly) |
| Sets if the cookie is only accessible through HTTP. | |
| bool | httpOnly () const |
| Returns if the cookie is only accessible through HTTP. | |
| void | setSameSite (SameSite sameSite) |
| Sets the cookie SameSite attribute. | |
| SameSite | sameSite () const |
| The cookie SameSite attribute. | |
Additional Inherited Members | |
Public Types inherited from Wt::Http::Cookie | |
| enum class | SameSite { None , Lax , Strict } |
| Enumeration of SameSite attribute values. More... | |
An HTTP Cookie with the "__Host-" prefix.
This is a helper class used to create a cookie with the "__Host-" prefix.
A Cookie with the "__Host-" prefix can only be set over a HTTPS connection, and can only be overwritten by the domain that set it. It also enforces the Domain attribute of the cookie to be empty, the secure flag be set, and the Path attribute to be set to "/".
This protects the cookie from being altered by a compromised subdomain, stopping a potential attack vector.
|
explicit |
Constructor for a host cookie without value.
Allows you to only specify the name of the cookie. This can be useful if the intention is to pass it to WApplication::removeCookie(), in which case no value is needed.
| Wt::Http::HostCookie::HostCookie | ( | const std::string & | name, |
| const std::string & | value, | ||
| const Wt::WDateTime & | expires | ||
| ) |
Constructor for a host cookie that expires at a certain datetime.
The name must be a valid cookie name (of type 'token': no special characters or separators, see RFC2616 page 16). The value may be anything.
| Wt::Http::HostCookie::HostCookie | ( | const std::string & | name, |
| const std::string & | value, | ||
| const std::chrono::seconds & | maxAge | ||
| ) |
Constructor for a host cookie that expires after certain duration.
The name must be a valid cookie name (of type 'token': no special characters or separators, see RFC2616 page 16). The value may be anything.
Logs a warning.
This function logs a warning instead of changing the domain, since the domain of a cookie with the "__Host-" prefix must always be empty.
Reimplemented from Wt::Http::Cookie.
Logs a warning.
This function logs a warning instead of changing the path, since the path of a cookie with the "__Host-" prefix must always be set to "/".
Reimplemented from Wt::Http::Cookie.
Logs a warning.
This function logs a warning instead of enabling/disabling the secure flag, since the secure flag must always be set on a cookie with the "__Host-" prefix.
Reimplemented from Wt::Http::Cookie.