GSP
Quick Navigator

Search Site

Unix VPS
A - Starter
B - Basic
C - Preferred
D - Commercial
MPS - Dedicated
Previous VPSs
* Sign Up! *

Support
Contact Us
Online Help
Handbooks
Domain Status
Man Pages

FAQ
Virtual Servers
Pricing
Billing
Technical

Network
Facilities
Connectivity
Topology Map

Miscellaneous
Server Agreement
Year 2038
Credits
 

USA Flag

 

 

Man Pages
HTTP::Session2::Base(3) User Contributed Perl Documentation HTTP::Session2::Base(3)

HTTP::Session2 - Abstract base class for HTTP::Session2

This is an abstract base class for HTTP::Session2.

"my $session = HTTP::Session2::*->new(%args)"
Create new instance.
hmac_function: CodeRef
This module uses HMAC to sign the session data. You can choice HMAC function for security enhancements and performance tuning.

Default: "\&Digest::SHA::sha1_hex"

session_cookie: HashRef
Options for session cookie. For more details, please look Cookie::Baker.

Default:

        +{
            httponly => 1,
            secure   => 0,
            name     => 'hss_session',
            path     => '/',
        },
    
xsrf_cookie: HashRef
HTTP::Session2 generates 2 cookies. One is for session, other is for XSRF token. This parameter configures parameters for XSRF token cookie. For more details, please look Cookie::Baker.

Default:

        +{
            httponly => 0,
            secure   => 0,
            name     => 'XSRF-TOKEN',
            path     => '/',
        },
    

Note: "httponly" flag should be false. Because this parameter should be readable from JavaScript. And it does not decrease security.

"$session->get($key: Str)"
Get a value from session.
"$session->set($key: Str, $value:Any)"
Set a value to session. This means you can set any Serializable data to the storage.
"$session->remove($key: Str)"
Remove the value from session.
"$session->validate_xsrf_token($token: Str)"
    my $token = $req->header('X-XSRF-TOKEN') || $req->param('XSRF-TOKEN');
    unless ($session->validate_xsrf_token($token)) {
        return Plack::Response->new(
            403,
            [],
            'Missing XSRF token'
        );
    }
    

Validate XSRF token. If the XSRF token is valid, return true. False otherwise.

"$session->xsrf_token()"
Get a XSRF token in string.
"$session->finalize_plack_response($res: Plack::Response)"
Finalize cookie headers and inject it to Plack::Response instance.
2018-01-26 perl v5.32.1

Search for    or go to Top of page |  Section 3 |  Main Index

Powered by GSP Visit the GSP FreeBSD Man Page Interface.
Output converted with ManDoc.