Cookies are HttpOnly

2011-07-15 11:01:08 +03:00 · 2011-07-15 11:01:08 +03:00 · 86e3800951
commit 86e3800951
parent d280870cb7
2 changed files with 3 additions and 2 deletions
--- a/Yesod/Handler.hs
+++ b/Yesod/Handler.hs
@ -797,6 +797,7 @@ headerToPair cp getExpires (AddCookie minutes key value) =
                then Nothing
                else Just $ getExpires minutes
        , setCookieDomain = Nothing
+        , setCookieHttpOnly = True
        })
 headerToPair cp _ (DeleteCookie key) =
    ( "Set-Cookie"
--- a/yesod-core.cabal
+++ b/yesod-core.cabal
@ -1,5 +1,5 @@
 name:            yesod-core
-version:         0.8.3.1
+version:         0.8.3.2
 license:         BSD3
 license-file:    LICENSE
 author:          Michael Snoyman <michael@snoyman.com>
@ -45,7 +45,7 @@ library
                   , containers                >= 0.2      && < 0.5
                   , monad-control             >= 0.2      && < 0.3
                   , enumerator                >= 0.4.7    && < 0.5
-                   , cookie                    >= 0.2.1    && < 0.3
+                   , cookie                    >= 0.3      && < 0.4
                   , blaze-html                >= 0.4      && < 0.5
                   , http-types                >= 0.6      && < 0.7
                   , case-insensitive          >= 0.2      && < 0.4