cookie

package
v2.0.1 Latest Latest
Warning

This package is not in the latest version of its module.

 Go to latest Published: Jun 7, 2026 License: BSD-3-Clause Imports: 2 Imported by: 0

Documentation

Index

Constants

This section is empty.

Variables

View Source 
var (
	TokenCookieName         = "__Host-token" // #nosec G101: cookie name label, not a credential
	InsecureTokenCookieName = "token"        // #nosec G101: cookie name label, not a credential
	OidcStateCookieName     = "oidc_state"
)

Functions

func BuildClearOidcStateCookieString 

func BuildClearOidcStateCookieString(secure bool) string

BuildClearOidcStateCookieString builds a Set-Cookie header string to clear the OIDC state cookie.

func BuildClearTokenCookieStringsFor 

func BuildClearTokenCookieStringsFor(secure bool) []string

BuildClearTokenCookieStringsFor builds Set-Cookie header strings to clear token cookies matching the current request security context. Secure contexts also clear the HTTP fallback cookie so stale sessions from older releases are flushed instead of being re-presented forever.

func BuildOidcStateCookieString 

func BuildOidcStateCookieString(value string, maxAgeInSeconds int, secure bool) string

BuildOidcStateCookieString builds a Set-Cookie header string for the OIDC state cookie.

func BuildTokenCookieStringFor 

func BuildTokenCookieStringFor(maxAgeInSeconds int, token string, secure bool) string

BuildTokenCookieStringFor builds a Set-Cookie header string matching the current request security context. Callers must pass the trusted secure flag from SecureCookieFromContext / SecureCookieFromRequest so the cookie name (__Host-token vs. token) round-trips correctly behind HTTPS reverse proxies.

func ClearTokenCookie 

func ClearTokenCookie(w http.ResponseWriter, r *http.Request)

func GetTokenCookie 

func GetTokenCookie(r *http.Request) (string, error)

func SecureCookieFromContext 

func SecureCookieFromContext(ctx context.Context) bool

SecureCookieFromContext returns the secure-cookie decision that router middleware derived from TLS or trusted proxy headers.

func SecureCookieFromRequest 

func SecureCookieFromRequest(r *http.Request) bool

SecureCookieFromRequest returns true when the request was made over TLS or router middleware marked it as forwarded from HTTPS by a trusted proxy.

func WithSecureCookieContext 

func WithSecureCookieContext(ctx context.Context, secure bool) context.Context

WithSecureCookieContext records the router's trusted secure-cookie decision.

Types

This section is empty.

Source Files

View all Source files

Jump to

Keyboard shortcuts

? : This menu
/ : Search site
f or F : Jump to
y or Y : Canonical URL
go.dev uses cookies from Google to deliver and enhance the quality of its services and to analyze traffic. Learn more.