Better support for multiple cookie headers
This commit is contained in:
parent
c2e836bf3a
commit
882956255a
3 changed files with 9 additions and 5 deletions
|
@ -1,3 +1,7 @@
|
|||
## 1.4.9.1
|
||||
|
||||
* Deal better with multiple cookie headers
|
||||
|
||||
## 1.4.9
|
||||
|
||||
* Add simple authentication helpers [#962](https://github.com/yesodweb/yesod/pull/962)
|
||||
|
|
|
@ -695,11 +695,11 @@ loadClientSession key getCachedDate sessionName req = load
|
|||
load = do
|
||||
date <- getCachedDate
|
||||
return (sess date, save date)
|
||||
sess date = fromMaybe Map.empty $ do
|
||||
raw <- lookup "Cookie" $ W.requestHeaders req
|
||||
val <- lookup sessionName $ parseCookies raw
|
||||
sess date = Map.unions $ do
|
||||
raw <- [v | (k, v) <- W.requestHeaders req, k == "Cookie"]
|
||||
val <- [v | (k, v) <- parseCookies raw, k == sessionName]
|
||||
let host = "" -- fixme, properly lock sessions to client address
|
||||
decodeClientSession key date host val
|
||||
maybe [] return $ decodeClientSession key date host val
|
||||
save date sess' = do
|
||||
-- We should never cache the IV! Be careful!
|
||||
iv <- liftIO CS.randomIV
|
||||
|
|
|
@ -1,5 +1,5 @@
|
|||
name: yesod-core
|
||||
version: 1.4.9
|
||||
version: 1.4.9.1
|
||||
license: MIT
|
||||
license-file: LICENSE
|
||||
author: Michael Snoyman <michael@snoyman.com>
|
||||
|
|
Loading…
Reference in a new issue