sessions
sessions copied to clipboard
Store-level options not honored
Not sure if I'm looking at this correctly.
Let's say I have a cookie store "github.com/gin-contrib/sessions/cookie".NewStore(...)
and I set some options on it with Options()
. The options are set to the embedded CookieStore
object, as:
// github.com/gin-contrib/sessions/cookie/cookie.go
func (c *store) Options(options sessions.Options) {
c.CookieStore.Options = &gsessions.Options{
Path: options.Path,
Domain: options.Domain,
MaxAge: options.MaxAge,
Secure: options.Secure,
HttpOnly: options.HttpOnly,
}
}
Later I use the store to set some values:
// my own code
session := sessions.Default(c)
session.Set("key", 1234)
err := session.Save()
...
However the options are not honored. By looking at the implementation of the Save
method:
// github.com/gorilla/sessions/store.go
// Save adds a single session to the response.
func (s *CookieStore) Save(r *http.Request, w http.ResponseWriter, session *Session) error {
encoded, err := securecookie.EncodeMulti(session.Name(), session.Values,
s.Codecs...)
if err != nil {
return err
}
http.SetCookie(w, NewCookie(session.Name(), encoded, session.Options))
return nil
}
The options passed to http.SetCookie
are always the session.Options
. Those set earlier on the CookieStore
are ignored.
Is this an intended behavior?
Should I post this issue on the github.com/gorilla/sessions
project?
Thanks
Same here, I can't set the domain of my cookie...