sashakoshka/step
sashakoshka/step
1
0
Fork 0
Code Issues 13 Pull Requests Actions Packages Projects 1 Releases Wiki Activity

providers/session: Add a comment about what __Host- means

Browse Source
This commit is contained in:
Sasha Koshka 2025-03-27 18:29:15 -04:00
parent 11dfb795ed
commit 4c19694c4c
1 changed files with 6 additions and 1 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

7
providers/session/session.go
View File

@ -10,8 +10,13 @@ import "git.tebibyte.media/sashakoshka/go-util/sync"
import "git.tebibyte.media/sashakoshka/go-util/container"
import shttp "git.tebibyte.media/sashakoshka/step/http"
const sessionIDCookieName = "step-session-id"
// https://developer.mozilla.org/en-US/docs/Web/HTTP/Reference/Headers/Set-Cookie
// __Host- prefix: Cookies with names starting with __Host- are sent only to the
// host subdomain or domain that set them, and not to any other host. They must
// be set with the secure flag must be from a secure page (HTTPS), must not have
// a domain specified, and the path must be /
const secureSessionIDCookieName = "__Host-step-session-id"
const sessionIDCookieName = "step-session-id"
const defaultLifetime = 48 * time.Hour
var _ step.FuncProviderFor = new(Provider)