Add set samesite in cookie. (#2306)
Signed-off-by: Bo-Yi Wu <appleboy.tw@gmail.com>
This commit is contained in:
parent
bd5ee1aae2
commit
57f99ca50f
13
context.go
13
context.go
@ -71,6 +71,10 @@ type Context struct {
|
|||||||
// formCache use url.ParseQuery cached PostForm contains the parsed form data from POST, PATCH,
|
// formCache use url.ParseQuery cached PostForm contains the parsed form data from POST, PATCH,
|
||||||
// or PUT body parameters.
|
// or PUT body parameters.
|
||||||
formCache url.Values
|
formCache url.Values
|
||||||
|
|
||||||
|
// SameSite allows a server to define a cookie attribute making it impossible for
|
||||||
|
// the browser to send this cookie along with cross-site requests.
|
||||||
|
sameSite http.SameSite
|
||||||
}
|
}
|
||||||
|
|
||||||
/************************************/
|
/************************************/
|
||||||
@ -782,10 +786,15 @@ func (c *Context) GetRawData() ([]byte, error) {
|
|||||||
return ioutil.ReadAll(c.Request.Body)
|
return ioutil.ReadAll(c.Request.Body)
|
||||||
}
|
}
|
||||||
|
|
||||||
|
// SetSameSite with cookie
|
||||||
|
func (c *Context) SetSameSite(samesite http.SameSite) {
|
||||||
|
c.sameSite = samesite
|
||||||
|
}
|
||||||
|
|
||||||
// SetCookie adds a Set-Cookie header to the ResponseWriter's headers.
|
// SetCookie adds a Set-Cookie header to the ResponseWriter's headers.
|
||||||
// The provided cookie must have a valid Name. Invalid cookies may be
|
// The provided cookie must have a valid Name. Invalid cookies may be
|
||||||
// silently dropped.
|
// silently dropped.
|
||||||
func (c *Context) SetCookie(name, value string, maxAge int, path, domain string, sameSite http.SameSite, secure, httpOnly bool) {
|
func (c *Context) SetCookie(name, value string, maxAge int, path, domain string, secure, httpOnly bool) {
|
||||||
if path == "" {
|
if path == "" {
|
||||||
path = "/"
|
path = "/"
|
||||||
}
|
}
|
||||||
@ -795,7 +804,7 @@ func (c *Context) SetCookie(name, value string, maxAge int, path, domain string,
|
|||||||
MaxAge: maxAge,
|
MaxAge: maxAge,
|
||||||
Path: path,
|
Path: path,
|
||||||
Domain: domain,
|
Domain: domain,
|
||||||
SameSite: sameSite,
|
SameSite: c.sameSite,
|
||||||
Secure: secure,
|
Secure: secure,
|
||||||
HttpOnly: httpOnly,
|
HttpOnly: httpOnly,
|
||||||
})
|
})
|
||||||
|
@ -602,13 +602,15 @@ func TestContextPostFormMultipart(t *testing.T) {
|
|||||||
|
|
||||||
func TestContextSetCookie(t *testing.T) {
|
func TestContextSetCookie(t *testing.T) {
|
||||||
c, _ := CreateTestContext(httptest.NewRecorder())
|
c, _ := CreateTestContext(httptest.NewRecorder())
|
||||||
c.SetCookie("user", "gin", 1, "/", "localhost", http.SameSiteLaxMode, true, true)
|
c.SetSameSite(http.SameSiteLaxMode)
|
||||||
|
c.SetCookie("user", "gin", 1, "/", "localhost", true, true)
|
||||||
assert.Equal(t, "user=gin; Path=/; Domain=localhost; Max-Age=1; HttpOnly; Secure; SameSite=Lax", c.Writer.Header().Get("Set-Cookie"))
|
assert.Equal(t, "user=gin; Path=/; Domain=localhost; Max-Age=1; HttpOnly; Secure; SameSite=Lax", c.Writer.Header().Get("Set-Cookie"))
|
||||||
}
|
}
|
||||||
|
|
||||||
func TestContextSetCookiePathEmpty(t *testing.T) {
|
func TestContextSetCookiePathEmpty(t *testing.T) {
|
||||||
c, _ := CreateTestContext(httptest.NewRecorder())
|
c, _ := CreateTestContext(httptest.NewRecorder())
|
||||||
c.SetCookie("user", "gin", 1, "", "localhost", http.SameSiteLaxMode, true, true)
|
c.SetSameSite(http.SameSiteLaxMode)
|
||||||
|
c.SetCookie("user", "gin", 1, "", "localhost", true, true)
|
||||||
assert.Equal(t, "user=gin; Path=/; Domain=localhost; Max-Age=1; HttpOnly; Secure; SameSite=Lax", c.Writer.Header().Get("Set-Cookie"))
|
assert.Equal(t, "user=gin; Path=/; Domain=localhost; Max-Age=1; HttpOnly; Secure; SameSite=Lax", c.Writer.Header().Get("Set-Cookie"))
|
||||||
}
|
}
|
||||||
|
|
||||||
|
Loading…
Reference in New Issue
Block a user