From 7ecb9689b03335ec28958c506b083390f4212d45 Mon Sep 17 00:00:00 2001
From: Pelle Braendgaard <pelleb@gmail.com>
Date: Tue, 16 Sep 2008 09:22:11 -0700
Subject: Added support for http_only cookies in cookie_store Added unit tests
 for secure and http_only cookies in cookie_store

Signed-off-by: Michael Koziarski <michael@koziarski.com>
[#1046 state:committed]
---
 actionpack/lib/action_controller/session/cookie_store.rb | 3 ++-
 1 file changed, 2 insertions(+), 1 deletion(-)

(limited to 'actionpack/lib/action_controller/session')

diff --git a/actionpack/lib/action_controller/session/cookie_store.rb b/actionpack/lib/action_controller/session/cookie_store.rb
index 5bf7503f04..f2fb200950 100644
--- a/actionpack/lib/action_controller/session/cookie_store.rb
+++ b/actionpack/lib/action_controller/session/cookie_store.rb
@@ -70,7 +70,8 @@ class CGI::Session::CookieStore
       'path'    => options['session_path'],
       'domain'  => options['session_domain'],
       'expires' => options['session_expires'],
-      'secure'  => options['session_secure']
+      'secure'  => options['session_secure'],
+      'http_only' => options['session_http_only']
     }
 
     # Set no_hidden and no_cookies since the session id is unused and we
-- 
cgit v1.2.3