Subject: | Support for cookie path and domain |
I need to configure the "path" of my session cookie. I'm attaching a
patch to support it. The path defauts to / (as currently) but can be
redefined, as the name is.
I don't need it right now but support for the domain of the cookie is
also added in the patch.
Subject: | Session.pm.diff |
--- /usr/lib/perl5/site_perl/5.8.8/CGI/Session.pm.old 2010-08-31 16:46:48.000000000 +0200
+++ /usr/lib/perl5/site_perl/5.8.8/CGI/Session.pm 2010-09-01 10:47:27.000000000 +0200
@@ -9,6 +9,8 @@
@CGI::Session::ISA = qw( CGI::Session::ErrorHandler );
$CGI::Session::VERSION = '4.42';
$CGI::Session::NAME = 'CGISESSID';
+$CGI::Session::PATH = '/';
+$CGI::Session::DOMAIN = undef;
$CGI::Session::IP_MATCH = 0;
sub STATUS_UNSET () { 1 << 0 } # denotes session that's resetted
@@ -182,6 +184,34 @@
return $CGI::Session::NAME;
}
+sub path {
+ my $self = shift;
+
+ if (ref $self) {
+ unless ( @_ ) {
+ return $self->{_PATH} || $CGI::Session::PATH;
+ }
+ return $self->{_PATH} = $_[0];
+ }
+
+ $CGI::Session::PATH = $_[0] if @_;
+ return $CGI::Session::PATH;
+}
+
+sub domain {
+ my $self = shift;
+
+ if (ref $self) {
+ unless ( @_ ) {
+ return $self->{_DOMAIN} || $CGI::Session::DOMAIN;
+ }
+ return $self->{_DOMAIN} = $_[0];
+ }
+
+ $CGI::Session::DOMAIN = $_[0] if @_;
+ return $CGI::Session::DOMAIN;
+}
+
sub dump {
my $self = shift;
@@ -340,13 +370,28 @@
my $cookie= undef;
if ( $self->is_expired ) {
- $cookie = $query->cookie( -name=>$self->name, -value=>$self->id, -expires=> '-1d', @_ );
+ if (defined $self->domain) {
+ $cookie = $query->cookie( -name=>$self->name, -value=>$self->id, -expires=> '-1d', -path=>$self->path, -domain=>$self->domain, @_ );
+ }
+ else {
+ $cookie = $query->cookie( -name=>$self->name, -value=>$self->id, -expires=> '-1d', -path=>$self->path, @_ );
+ }
}
elsif ( my $t = $self->expire ) {
- $cookie = $query->cookie( -name=>$self->name, -value=>$self->id, -expires=> '+' . $t . 's', @_ );
+ if (defined $self->domain) {
+ $cookie = $query->cookie( -name=>$self->name, -value=>$self->id, -expires=> '+' . $t . 's', -path=>$self->path, -domain=>$self->domain, @_ );
+ }
+ else {
+ $cookie = $query->cookie( -name=>$self->name, -value=>$self->id, -expires=> '+' . $t . 's', -path=>$self->path, @_ );
+ }
}
else {
- $cookie = $query->cookie( -name=>$self->name, -value=>$self->id, @_ );
+ if (defined $self->domain) {
+ $cookie = $query->cookie( -name=>$self->name, -value=>$self->id, -path=>$self->path, -domain=>$self->domain, @_ );
+ }
+ else {
+ $cookie = $query->cookie( -name=>$self->name, -value=>$self->id, -path=>$self->path, @_ );
+ }
}
return $cookie;
}
@@ -1203,10 +1248,12 @@
It will retrieve the name of the session cookie from C<$session->name()> which defaults to C<$CGI::Session::NAME>. If you want to use a different name for your session cookie, do something like following before creating session object:
CGI::Session->name("MY_SID");
+ CGI::Session->path("/my_path");
+ CGI::Session->path("www.example.com");
$session = CGI::Session->new(undef, $cgi, \%attrs);
-Now, $session->header() uses "MY_SID" as a name for the session cookie. For all additional options that can
-be passed, see the C<header()> docs in L<CGI>.
+Now, $session->header() uses "MY_SID" as a name for the session cookie, with "/my_path" as cookie path and "www.example.com" as domain.
+For all additional options that can be passed, see the C<header()> docs in L<CGI>.
=head2 query()