How do I set the HttpOnly flag on a cookie in Ruby on Rails

前端 未结 5 1743
小鲜肉
小鲜肉 2021-02-05 01:08

The page Protecting Your Cookies: HttpOnly explains why making HttpOnly cookies is a good idea.

How do I set this property in Ruby on Rails?

5条回答
  •  梦谈多话
    2021-02-05 01:21

    Set the 'http_only' option in the hash used to set a cookie

    e.g.

    cookies["user_name"] = { :value => "david", :httponly => true }

    or, in Rails 2:

    e.g.

    cookies["user_name"] = { :value => "david", :http_only => true }

提交回复
热议问题