diff options
| author | Vladimir Homutov <vl@nginx.com> | 2015-03-17 18:46:15 +0300 |
|---|---|---|
| committer | Aleksei Bavshin <a.bavshin@f5.com> | 2026-03-09 11:08:30 -0600 |
| commit | 6c13f0468be05a4d9f2f36e1a28ebbe14ac10281 (patch) | |
| tree | 2d653afce57c8581ff7e42af650cb988acf3f9a4 /src/http | |
| parent | d12dd2405d659707f75eaa93d45ed762cc5bdd5d (diff) | |
| download | nginx-6c13f0468be05a4d9f2f36e1a28ebbe14ac10281.tar.gz nginx-6c13f0468be05a4d9f2f36e1a28ebbe14ac10281.tar.bz2 | |
Sticky: added "httponly" and "secure" attributes.
The attributes are described in RFC6265, sections 4.1.2.5 and 4.1.2.6
respectively.
Diffstat (limited to 'src/http')
| -rw-r--r-- | src/http/modules/ngx_http_upstream_sticky_module.c | 39 |
1 files changed, 39 insertions, 0 deletions
diff --git a/src/http/modules/ngx_http_upstream_sticky_module.c b/src/http/modules/ngx_http_upstream_sticky_module.c index 75ebd3123..5d43a1ced 100644 --- a/src/http/modules/ngx_http_upstream_sticky_module.c +++ b/src/http/modules/ngx_http_upstream_sticky_module.c @@ -72,6 +72,8 @@ typedef struct { ngx_str_t cookie_domain; ngx_str_t cookie_path; time_t cookie_expires; + unsigned cookie_httponly:1; + unsigned cookie_secure:1; } ngx_http_upstream_sticky_srv_conf_t; @@ -148,6 +150,8 @@ static char *ngx_http_upstream_sticky_learn(ngx_conf_t *cf, static u_char expires[] = "; expires=Thu, 31-Dec-37 23:55:55 GMT"; +static u_char httponly[] = "; httponly"; +static u_char secure[] = "; secure"; static ngx_command_t ngx_http_upstream_sticky_commands[] = { @@ -551,6 +555,14 @@ ngx_http_upstream_sticky_cookie_insert(ngx_peer_connection_t *pc, len += sizeof(expires) - 1; } + if (stcf->cookie_httponly) { + len += sizeof(httponly) - 1; + } + + if (stcf->cookie_secure) { + len += sizeof(secure) - 1; + } + data = ngx_pnalloc(r->pool, len); if (data == NULL) { return NGX_ERROR; @@ -572,6 +584,15 @@ ngx_http_upstream_sticky_cookie_insert(ngx_peer_connection_t *pc, } p = ngx_copy(p, stcf->cookie_domain.data, stcf->cookie_domain.len); + + if (stcf->cookie_httponly) { + p = ngx_copy(p, httponly, sizeof(httponly) - 1); + } + + if (stcf->cookie_secure) { + p = ngx_copy(p, secure, sizeof(secure) - 1); + } + ngx_memcpy(p, stcf->cookie_path.data, stcf->cookie_path.len); cookie = stp->cookie; @@ -892,6 +913,8 @@ ngx_http_upstream_sticky_create_conf(ngx_conf_t *cf) * stcf->cookie_name = { 0, NULL }; * stcf->cookie_domain = { 0, NULL }; * stcf->cookie_path = { 0, NULL }; + * stcf->cookie_httponly = 0; + * stcf->cookie_secure = 0; */ stcf->cookie_expires = NGX_CONF_UNSET; @@ -1061,6 +1084,22 @@ ngx_http_upstream_sticky_cookie(ngx_conf_t *cf, } } + } else if (ngx_strcmp(value[i].data, "httponly") == 0) { + + if (stcf->cookie_httponly) { + return "parameter \"httponly\" is duplicate"; + } + + stcf->cookie_httponly = 1; + + } else if (ngx_strcmp(value[i].data, "secure") == 0) { + + if (stcf->cookie_secure) { + return "parameter \"secure\" is duplicate"; + } + + stcf->cookie_secure = 1; + } else { ngx_conf_log_error(NGX_LOG_EMERG, cf, 0, "unknown parameter \"%V\"", &value[i]); |