haskell/yesod
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

Comment explaining the behavior of nonce.

Browse Source 
Someone should confirm that this the intended behavior!
This commit is contained in:
Björn Buckwalter 2011-09-16 12:01:15 +08:00
parent 4d55332afc
commit 817ab988e0
1 changed files with 4 additions and 0 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

4
yesod-core/Yesod/Internal/Request.hs
View File

@ -63,6 +63,10 @@ parseWaiRequest' env session' key' gen = Request gets'' cookies' env langs''' no
Nothing -> langs''
Just x -> x : langs''
gets'' = map (second $ fromMaybe "") gets'
-- If the session is not secure a nonce should not be
-- used (any nonce present in the session is ignored).
-- If a secure session has no nonceKey a new one is
-- generated.
nonce = case (key', lookup nonceKey session') of
(Nothing, _) -> Nothing
(_, Just x) -> Just x