Wt  4.14.0
Loading...
Searching...
No Matches
Public Member Functions | List of all members
Wt::Http::SecureCookie Class Reference

An HTTP Cookie with the "__Secure-" prefix. More...

#include <Wt/Http/SecureCookie.h>

Inheritance diagram for Wt::Http::SecureCookie:
[legend]

Public Member Functions

 SecureCookie (const std::string &name)
 Constructor for a secure cookie without value.
 
 SecureCookie (const std::string &name, const std::string &value, const Wt::WDateTime &expires)
 Constructor for a secure cookie that expires at a certain datetime.
 
 SecureCookie (const std::string &name, const std::string &value, const std::chrono::seconds &maxAge)
 Constructor for a secure cookie that expires after certain duration.
 
std::string logicName () const
 Returns name of the cookie without the prefix.
 
void setSecure (bool secure) override
 Logs a warning.
 
- Public Member Functions inherited from Wt::Http::Cookie
 Cookie (const std::string &name)
 Constructor for cookie without value.
 
 Cookie (const std::string &name, const std::string &value, const Wt::WDateTime &expires)
 Constructor for a cookie that expires at a certain datetime.
 
 Cookie (const std::string &name, const std::string &value, const std::chrono::seconds &maxAge)
 Constructor for a cookie that expires after certain duration.
 
const std::string & name () const
 The cookie name.
 
void setValue (const std::string &value)
 Sets the cookie value.
 
const std::string & value () const
 The cookie value.
 
void setExpires (const Wt::WDateTime &expires)
 Sets when the cookie will expire.
 
const Wt::WDateTimeexpires () const
 The cookie expiration.
 
void setMaxAge (const std::chrono::seconds &maxAge)
 Sets the cookie's Max-Age.
 
const std::chrono::seconds & maxAge () const
 The cookie's Max-Age.
 
virtual void setDomain (const std::string &domain)
 Sets the cookie domain.
 
const std::string & domain () const
 The cookie domain.
 
virtual void setPath (const std::string &path)
 Sets the cookie path.
 
const std::string & path () const
 The cookie path.
 
bool secure () const
 Returns if the cookie must be sent over secure connection.
 
void setHttpOnly (bool httpOnly)
 Sets if the cookie is only accessible through HTTP.
 
bool httpOnly () const
 Returns if the cookie is only accessible through HTTP.
 
void setSameSite (SameSite sameSite)
 Sets the cookie SameSite attribute.
 
SameSite sameSite () const
 The cookie SameSite attribute.
 

Additional Inherited Members

- Public Types inherited from Wt::Http::Cookie
enum class  SameSite { None , Lax , Strict }
 Enumeration of SameSite attribute values. More...
 

Detailed Description

An HTTP Cookie with the "__Secure-" prefix.

This is a helper class used to create a cookie with the "__Secure-" prefix.

A Cookie with the "__Secure-" prefix must be set by a connection over HTTPS. It also enforces the secure flag to be set.

This protects the cookie from being altered by an unsafe connection, or to have its secure flag removed by a compromised subdomain.

See also
WEnvironment::getSecureCookie(), WApplication::setCookie(const Http::Cookie&), WApplication::removeCookie(const Http::Cookie&), WEnvironment::supportsCookies(), HostCookie

Constructor & Destructor Documentation

◆ SecureCookie() [1/3]

Wt::Http::SecureCookie::SecureCookie ( const std::string &  name)
explicit

Constructor for a secure cookie without value.

Allows you to only specify the name of the cookie. This can be useful if the intention is to pass it to WApplication::removeCookie(), in which case no value is needed.

See also
WApplication::removeCookie(const Http::Cookie&)
Note
The prefix is added automatically to the name.

◆ SecureCookie() [2/3]

Wt::Http::SecureCookie::SecureCookie ( const std::string &  name,
const std::string &  value,
const Wt::WDateTime expires 
)

Constructor for a secure cookie that expires at a certain datetime.

The name must be a valid cookie name (of type 'token': no special characters or separators, see RFC2616 page 16). The value may be anything.

See also
WApplication::setCookie(const Http::Cookie&)
Note
The prefix is added automatically to the name.

◆ SecureCookie() [3/3]

Wt::Http::SecureCookie::SecureCookie ( const std::string &  name,
const std::string &  value,
const std::chrono::seconds &  maxAge 
)

Constructor for a secure cookie that expires after certain duration.

The name must be a valid cookie name (of type 'token': no special characters or separators, see RFC2616 page 16). The value may be anything.

See also
WApplication::setCookie(const Http::Cookie&)
Note
The prefix is added automatically to the name.

Member Function Documentation

◆ setSecure()

void Wt::Http::SecureCookie::setSecure ( bool  secure)
overridevirtual

Logs a warning.

This function logs a warning instead of enabling/disabling the secure flag, since the secure flag must always be set on a cookie with the "__Secure-" prefix.

Reimplemented from Wt::Http::Cookie.