cookie_attrs() :: #{ expires => calendar:datetime(), max_age => calendar:datetime(), domain => binary(), path => binary(), secure => true, http_only => true, same_site => strict | lax | none }
cow_cookie - Cookies
The module cow_cookie
provides functions for parsing and manipulating cookie headers.
cookie_attrs() :: #{ expires => calendar:datetime(), max_age => calendar:datetime(), domain => binary(), path => binary(), secure => true, http_only => true, same_site => strict | lax | none }
Cookie attributes parsed from the set-cookie header. The attributes must be passed as-is to a cookie store engine for processing, along with the cookie name and value. More information about the attributes can be found in RFC 6265.
cookie_opts() :: #{ domain => binary(), http_only => boolean(), max_age => non_neg_integer(), path => binary(), same_site => strict | lax | none, secure => boolean() }
Options for the set-cookie header. They are added to the header as attributes. More information about the options can be found in RFC 6265.
The following options are defined:
Hosts to which the cookie will be sent. By default it will only be sent to the origin server.
Whether the cookie should be restricted to HTTP requests, or it should also be exposed to other APIs, for example Javascript. By default there are no restrictions.
Maximum lifetime of the cookie, in seconds. By default the cookie is kept for the duration of the session.
Path to which the cookie will be sent. By default it will be sent to the current "directory" of the effective request URI.
Whether the cookie should be sent along with cross-site requests. This attribute is currently non-standard but is in the process of being standardized. Please refer to the RFC 6265 (bis) draft for details.
The default value for this attribute may vary depending on user agent and configuration. Browsers are known to be more strict over TCP compared to TLS.
Whether the cookie should be sent only on secure channels (for example TLS). Note that this does not guarantee the integrity of the cookie, only its confidentiality during transfer. By default there are no restrictions.
same_site
attribute and option may now be set to none
.
cookie_attrs
type was added.
Donate to Loïc Hoguin because his work on Cowboy, Ranch, Gun and Erlang.mk is fantastic:
Recurring payment options are also available via GitHub Sponsors. These funds are used to cover the recurring expenses like food, dedicated servers or domain names.