webmcp: framework/env/request/set

webmcp

annotate framework/env/request/set_cookie.lua @ 249:b4b6e1fc74e8

Bugfix in request.set_cookie{...}

author	jbe
date	Sun Mar 01 21:20:29 2015 +0100 (2015-03-01)
parents	32ec28229bb5
children	a0f1a4e76556

rev	line source
jbe/bsw@16	1 --[[--
jbe/bsw@16	2 request.set_cookie{
jbe/bsw@16	3 name = name, -- name of cookie
jbe/bsw@16	4 value = value, -- value of cookie
jbe/bsw@16	5 domain = domain, -- optional domain domain where cookie is transmitted
jbe/bsw@16	6 path = path, -- optional path where cookie is transmitted, defaults to application base
jbe/bsw@16	7 secure = secure -- optional boolean, indicating if cookie should only be transmitted over HTTPS
jbe/bsw@16	8 }
jbe/bsw@16	9
jbe/bsw@16	10 This function is similar to rocketwiki.set_cookie{...}, except that it automatically sets the path to the application base. It also sets secure=true, if the secure option is unset and the application base URL starts with "https://".
jbe/bsw@16	11
jbe/bsw@16	12 --]]--
jbe/bsw@16	13
jbe/bsw@16	14 function request.set_cookie(args)
jbe@223	15 local args = table.new(args)
jbe@223	16 if not args.path then
jbe@223	17 args.path = string.match(
jbe/bsw@16	18 request.get_absolute_baseurl(),
jbe/bsw@16	19 "://[^/](.)"
jbe/bsw@16	20 )
jbe@249	21 if args.path == nil then
jbe@249	22 args.path = "/"
jbe/bsw@16	23 end
jbe/bsw@16	24 end
jbe@223	25 if args.secure == nil then
jbe/bsw@16	26 if string.find(
jbe/bsw@16	27 string.lower(request.get_absolute_baseurl()),
jbe/bsw@16	28 "^https://"
jbe/bsw@16	29 ) then
jbe@223	30 args.secure = true
jbe/bsw@16	31 else
jbe@223	32 args.secure = false
jbe/bsw@16	33 end
jbe/bsw@16	34 end
jbe@223	35 assert(string.find(args.name, "^[0-9A-Za-z%%._~-]+$"), "Illegal cookie name")
jbe@223	36 assert(string.find(args.value, "^[0-9A-Za-z%%._~-]+$"), "Illegal cookie value")
jbe@223	37 local parts = {args.name .. "=" .. args.value}
jbe@223	38 if args.domain then
jbe@223	39 assert(
jbe@223	40 string.find(args.path, "^[0-9A-Za-z%%/._~-]+$"),
jbe@223	41 "Illegal cookie domain"
jbe@223	42 )
jbe@223	43 parts[#parts+1] = "domain=" .. args.domain
jbe@223	44 end
jbe@223	45 if args.path then
jbe@223	46 assert(
jbe@223	47 string.find(args.path, "^[0-9A-Za-z%%/._~-]+$"),
jbe@223	48 "Illegal cookie path"
jbe@223	49 )
jbe@223	50 parts[#parts+1] = "path=" .. args.path
jbe@223	51 end
jbe@223	52 if args.secure then
jbe@223	53 parts[#parts+1] = "secure"
jbe@223	54 end
jbe@223	55 request.add_header("Set-Cookie", table.concat(parts, "; "))
jbe/bsw@16	56 end